Russian Google and Reddit misdirects skewing Google Analytics
Russian hackers target Google and Reddit
With browser hacks sending thousands of Russian visitors to UK and US sites.
Take a look at this screen shot of my analytics dashboard for December
This is a display of the ‘Location’ statistics for December for this site provided from Google analytics.
Analysis
Country codes
As you can see result number 2 is clearly a hack.
It reads – Secret.ɢoogle.com You are invited! Enter only with this ticket URL. Copy it. Vote for Trump!
This is not a country code. It appeared in November in the run-up to the elections.
Result number 4 – o-o-8-o-o.com search shell is much better than google!
Again, not a country code and clearly showing vulnerabilities in Google Analytics tracking JavaScript code.
Referrers
For information on how people reached my site, or, it’s referrers.
Again, showing signs of pro-trump Russian hacking.
The largest referrer is Reddit that voxpops opinion based internet mishmash of views and opinion.
Going by the name of ‘Lifehacĸer.com original idn fake. Safe. Best on FF, Safari, Chromium, messengers and ɢAnalytics‘ – https://www.reddit.com/r/technology/comments/5foynf/lifehac%C4%B8ercom_original_idn_fake_safe_best_on_ff/ G
Motherboard.vice.com /read/this-pro-trump-russian-is-spamming-google-analytics.
Looking at this magazine site that has published an article about the Russian redirects and exploits, and then is subsequently hacked.
Google Analytics
Works by putting a JavaScript applet in the source code, which is called up when a page is accessed.
There are ways to prevent Google Analytics using privacy settings, not downloading the full page, turning off JavaScript etc.
As a general rule Google Analytics will record visitors that don’t have privacy settings on high, have JavaScript enabled and download the full page.
Compromised Russian browsers are being used to exploit vulnerabilities in Google Analytics and submit false analytics results like the ones shown.
Most of it seems to be pro-Trump or meaningless, unrelated name-checks on other well-known renowned US websites.
Russian hacking groups usually work for money.
It’s not government level.
It does suggest a level of mobilization against foreign powers, and after the outage on Oxford Street on Black Friday and the reported problems with UK mobile phone networks on the week to 3rd December, it all points to a the actions of a more co-ordinated policy of techno-warfare.