This past summer we noticed a trend of more and more Blackhat SEO hacks trying to verify additional accounts as owners of compromised sites in Google Search Console (formerly Webmaster Tools).
Google Search Console provides really useful information and tools to webmasters who want to:
- Know how their websites perform in search results.
- Receive notification about performance, configuration and security issues.
- Efficiently troubleshoot Search Engine Optimization (SEO) issues.
There’s really no reason why someone wouldn’t register their site there. It contains beneficial information for anyone who wants their website indexed by Google. Hackers realize this and try to get access to the Search Console for websites they hack, especially when they add their own spammy content and technically are (malicious) webmasters.
For example, this was found in a template of one pharma doorway generator:
<meta name="verify-v1" content="JxC+bn8NTCEfKZIdusC9WQELc8FEwbi8p32wf9q0QGA=">
This line of code allows hackers to verify site ownership of compromised sites.
Using Google verification meta tags is just one of many approaches that hackers use. In this post, we’ll show some other (more sophisticated) tricks and talk about the outcomes of such hacks.