I followed a link to what I thought was landolakes.com and was rapidly redirected to a pharmaceuticals site.<p>How strange I thought, and checked the link which appeared to be legitimate.<p>Then I Googled <i>drugs site:landolakes.com</i> and got pages of hits that reference various pharms.<p>Today it seems fixed. Does anyone know what this vulnerability is/was?
Why not ask the administrative contact for the landolakes.com site? Why would Hacker News readers have any idea what happened on an obscure website that none of us have probably ever visited?<p>Anyway, there are an infinite number of ways sites can be hacked. It was probably just a dumb mistake, as nearly all of the hacked sites I've seen have been (when I was contracting, about a quarter of my clients hired me for forensics and cleanups on exploited servers). Weak passwords, old versions of software with known exploits, unnecessary service running that wasn't properly secured because no one was paying attention to it, etc.
This is an increasingly common SEO trick that Google doesn't seem to be that good at picking up on. Or at least they are unable to detect it for a few days.<p>I don't think there is a specific vulnerability here, just whatever vulnerability the black hat SEOs can find to exploit.
I've seen exploited servers in the past with odd .htaccess files, performing redirects to spam sites depending on the requestor's source IP or some other identifier. Not sure how the server was exploited originally though.