Threat actors are abusing Google's Looker Studio (formerly Google Data Studio) to boost search engine rankings for their illicit websites that promote spam, torrents, and pirated content.
The SEO poisoning attack analyzed by BleepingComputer uses Google's datastudio.google.com subdomain to lend credibility to malicious domains.
Abusing Data Studio to boost warez sites' rankings
BleepingComputer has come across several pages of Google search results flooded with datastudio.google.com links after a concerned reader reported seeing the erratic behavior to us.
These links, rather than representing a legitimate Google Data Studio project, are minisites that host links to pirated content.
For example, one such search result we clicked on, directs users looking to "Download Terrifier 2 (2022)" to bit.ly links that further redirect multiple times to ultimately land on a spammy website.
As evident from the screenshot below, the SEO poisoning campaign uses the keyword stuffing technique which is often considered a form of webspam, to boost rankings of these illicit domains:
Clicking on one of these Bit.ly URLs further redirects the user several times before they arrive on a website promoting online surveys, streaming sites of dubious legality and authenticity, and spam:
Introduced in 2016 by Google, Looker Studio (formerly, Google Data Studio) is a web-based business intelligence tool that enables users to transform data into customizable informative reports and...
Read Full Story: https://news.google.com/__i/rss/rd/articles/CBMicWh0dHBzOi8vd3d3LmJsZWVwaW5nY29tcHV0ZXIuY29tL25ld3Mvc2VjdXJpdHkvZ29vZ2xlLXNlYXJjaC1yZXN1bHRzLXBvaXNvbmVkLXdpdGgtdG9ycmVudC1zaXRlcy12aWEtZGF0YS1zdHVkaW8v0gF1aHR0cHM6Ly93d3cuYmxlZXBpbmdjb21wdXRlci5jb20vbmV3cy9zZWN1cml0eS9nb29nbGUtc2VhcmNoLXJlc3VsdHMtcG9pc29uZWQtd2l0aC10b3JyZW50LXNpdGVzLXZpYS1kYXRhLXN0dWRpby9hbXAv?oc=5
Your content is great. However, if any of the content contained herein violates any rights of yours, including those of copyright, please contact us immediately by e-mail at media[@]kissrpr.com.