Russian Google and Reddit misdirects skewing Google Analytics

Russian Google and Reddit misdirects skewing Google Analytics

It's only fair to share...Share on Facebook
Facebook
0Tweet about this on Twitter
Twitter
Email this to someone
email

Russian hackers target Google and Reddit

With browser hacks sending thousands of Russian visitors to UK and US sites.

Take a look at this screen shot of my analytics dashboard for December

Google analytics hacked

This is a display of the ‘Location’ statistics for December for this site provided from Google analytics.

Google analytics hacked

Analysis

Country codes

As you can see result number 2 is clearly a hack.

It reads – Secret.ɢoogle.com You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!

This is not a country code. It appeared in November in the run-up to the elections.

Result number 4 – o-o-8-o-o.com search shell is much better than google!

Again, not a country code and clearly showing vulnerabilities in Google Analytics tracking JavaScript code.

Referrers

For information on how people reached my site, or, it’s referrers.

Again, showing signs of pro-trump Russian hacking.

Google analytics hacked

The largest referrer is Reddit that voxpops opinion based internet mishmash of views and opinion.

Going by the name of ‘Lifehacĸer.com original idn fake. Safe. Best on FF, Safari, Chromium, messengers and ɢAnalytics‘ – https://www.reddit.com/r/technology/comments/5foynf/lifehac%C4%B8ercom_original_idn_fake_safe_best_on_ff/ G

Motherboard.vice.com /read/this-pro-trump-russian-is-spamming-google-analytics.

Looking at this magazine site that has published an article about the Russian redirects and exploits, and then is subsequently hacked.

Google analytics hacked

Google Analytics

Works by putting a JavaScript applet in the source code, which is called up when a page is accessed.

There are ways to prevent Google Analytics using privacy settings, not downloading the full page, turning off JavaScript etc.

As a general rule Google Analytics will record visitors that don’t have privacy settings on high, have JavaScript enabled and download the full page.

Compromised Russian browsers are being used to exploit vulnerabilities in Google Analytics and submit false analytics results like the ones shown.

Most of it seems to be pro-Trump or meaningless, unrelated name-checks on other well-known renowned US websites.

Russian hacking groups usually work for money.

It’s not government level.

It does suggest a level of mobilization against foreign powers, and after the outage on Oxford Street on Black Friday and the reported problems with UK mobile phone networks on the week to 3rd December, it all points to a the actions of a more co-ordinated policy of techno-warfare.

(Visited 18 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *