• About
    • History of Dallas SEO
  • Contact
  • Topics
    • Bing
    • Blogging
    • Branding
    • Domain Names
    • Google
    • Internet Marketing
    • Link Building
    • Local Search
    • Marketing
    • Public Relations
    • Reputation Management
    • Search Engine Marketing
    • Search Engine Optimization
    • Search Engines
    • Social Media
    • Tech
  • Advertise
  • Services
    • Search Engine Optimization
    • Ongoing SEO Services
    • SEO Expert Witness
    • Google Penalty Recovery
    • Mini SEO Audit
    • Link Audit
    • Keyword Research
    • Combine Websites SEO Services
    • PPC Management
    • Online Reputation Management
    • Domain Name Consultant
    • Domain Names & Expired Domains
    • Domain Name Appraisal

Bill Hartzer

GoDaddy Airo: Register your .com domain name today!
Home » Search Engines » Search Engines Not Doing Enough to Stop Hackers

Search Engines Not Doing Enough to Stop Hackers

Posted on August 16, 2011 Written by Bill Hartzer

The search engines, Google, Yahoo!, and Bing are great at helping us find information on the web. If you are like me, I personally perform a lot of search queries every day, finding new information and visiting new websites every day. That’s why I use a search engine. However, the search engines are indexing too much information on the internet–and as such, they are not doing enough to stop hackers. They are helping them.

According to a new report by Imperva, their research shows that during an attack, hackers can generate more than 80,000 daily search queries to probe the Web for vulnerable Web applications. Hackers continue to use search engines such as Google, Yahoo!, and Bing, to find websites that are vulnerable–and which sites they can hack into and cause problems for website owners.

Let’s take, for example, the search query above. This is a search for “powered by oscommerce” “catalog” which use the OS Commerce application. That search query is not typical. There is really no reason why someone would want to find all of the websites that contain the entire catalog of websites powered by the OS Commerce shopping cart software unless they were up to no good.

There are literally hundreds, if not thousands, of search queries that are not ‘typical’ search queries. The search engines are not doing enough to stop these queries from being made, time and time again. In this latest test, hackers were able to query Google over 80,000 times in one day, pulling data about websites that were vulnerable. If Google had intentions of stopping hackers, search queries such as these would not be able to be performed 80,000 times in one day.

According to Imperva, here is how hackers set up automated queries in order to get information they need from the search engines:

The Hacker’s 4 Steps for an Industrialized Attack:
1. Get a botnet. This is usually done by renting a botnet from a bot farmer who has a global network of compromised computers under his control.
2. Obtain a tool for coordinated, distributed searching. This tool is deployed to the botnet agents and it usually contains a database of dorks.
3. Launch a massive search campaign through the botnet. Our observations show that there is an automated infrastructure to control the distribution of dorks and the examination of the results between botnet parts.
4. Craft a massive attack campaign based on search results. With the list of potentially vulnerable resources, the attacker can create, or use a ready-made, script to craft targeted attack vectors that attempt to exploit vulnerabilities in pages retrieved by the search campaign. Attacks include: infecting web applications, compromising corporate data or stealing sensitive personal information

Google is not doing enough to stop hackers. Imperva, in their report, explains. “Although Google Hacking has been around – in name – for some time, some new innovations by hackers require another, closer look. Specifically, Google, and other search engines, put in place anti-automation measures to stop hackers from search abuse. However, by using distributed bots, hackers take advantage of bot’s dispersed nature, giving search engines the impression that individuals are performing a routine search. The reality? Hackers are conducting cyber reconnaissance on a massive scale. ”

Imperva’s report, titled “Hacker Intelligence Summary Report – The Convergence of Google and Bots: Searching for Security Vulnerabilities using Automated Botnets”, is a fascinating read.

Filed Under: Search Engines

About Bill Hartzer

Bill Hartzer is the CEO of Hartzer Consulting and founder of DNAccess, a domain name protection and recovery service. A recognized authority in digital marketing and domain strategy, Bill is frequently called upon as an Expert Witness in internet-related legal cases. He's been sharing insights and research here on BillHartzer.com for over two decades.

Bill Hartzer on Search, Marketing, Tech, and Domains.

Recent Posts

  • Unbounce Doubles Down on AI and Automation to Boost Go-To-Market Teams July 10, 2025
  • NameSilo to Acquire SewerVUE Technology in $2.45M Deal July 10, 2025
  • Internet Marketing Ninjas Acquired by Previsible.IO July 9, 2025
  • Metricool Brings Real Analytics to Personal LinkedIn Profiles July 8, 2025
  • This Cleveland Agency Found a Smarter Way to Rank in Every Suburb—Without Opening More Offices July 8, 2025
  • Survey: Gen Z Reuses Passwords but Demands Bank-Level Security From Small Businesses July 8, 2025
  • Liftoff Reveals What’s Actually Working in Mobile Ads July 7, 2025
  • EasySend’s Big Move: AI Tools That Make Static Forms Obsolete July 7, 2025
  • Is Social Media Failing Small Businesses? New Survey Reveals a Hidden Blind Spot July 7, 2025
  • Why Cloudflare’s Pay Per Crawl Is a Trap for 99% of Websites July 2, 2025
  • The Hidden Risk of Double Letters in Brand and Domain Names July 2, 2025
  • GEO Verified™ Launches to Help Brands Survive the AI Search Shakeup July 1, 2025
  • RetailOnline.com Hits the Market After 25 Years—And It’s Built for the Future of E-Commerce July 1, 2025
  • AI-Powered Task Planning: The Future of Business Efficiency and Personal Productivity June 30, 2025
  • New Yoast Add-On Turns Google Docs Into an SEO Power Tool June 26, 2025
  • Simon Data Flips the Script on Marketing with AI Agents June 26, 2025
  • IAB Lays Down the Law for Gaming Ads—Here’s What Brands Need to Know June 26, 2025
  • Google Review Extortion Text Message – Scam Warning for Business Owners June 25, 2025
  • Google Names SearchKings Top AI Innovator for Transforming Lead Quality June 24, 2025
  • Marketing Exec Buys Social Media Firm in Deal That Signals Big Plans June 24, 2025

Hartzer Domains

Bare-Metal Servers by HostDime

DFWSEM logo

Bill Hartzer is a Brand Ambassador for:

Industry Friends

I Love SEO
WTFSEO
SEO By the Sea
Brian Harnish
Jeff Lenney
Jeff Gabriel
Scott Hendison
Dixon Jones
Brian Hartzer
Navah Hopkins
DNAccess
SEO Dallas
Confirmed Stolen

Connect With Bill Hartzer

Bill Hartzer on Twitter
Bill Hartzer on BlueSky
Bill Hartzer on Instagram
Hartzer Consulting on Facebook
Bill Hartzer on Facebook
Bill Hartzer on YouTube

Categories

  • Advertising (109)
  • AI (201)
  • Bing Search Engine (8)
  • Blogging (43)
  • Branding (19)
  • Domain Names (316)
  • Google (260)
  • Internet Marketing (52)
  • Internet Usage (95)
  • Link Building (53)
  • Local Search (63)
  • Marketing (232)
  • Marketing Foo (34)
  • Pay Per Click (9)
  • Podcast (19)
  • Public Relations (9)
  • Reputation Management (14)
  • Search Engine Marketing (46)
  • Search Engine Marketing Events (60)
  • Search Engine Marketing Firms (94)
  • Search Engine Marketing Jobs (33)
  • Search Engine Optimization (189)
  • Search Engines (223)
  • Social Media (302)
  • Social Media Marketing (58)
  • Tech (16)
  • Web Analytics (21)
  • Webinars (1)

Note: All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only, and are mentioned only to help my readers. All other trademarks cited herein are the property of their respective owners. Use of these names, logos, and brands does not imply endorsement.

 

Hartzer Consulting

Website, Content, and Marketing by Hartzer Consulting, LLC.

Disclaimer - Privacy Policy - Terms of Use

Copyright © 2025 ·