Google dumps all 11+ million .co.cc sites from its results

[Jack]

Google has removed over 11 million .co.cc websites from its search engine results pages on the basis that most of them are far too "spammy".

The .co.cc space is not an officially authorised second-level domain like .co.uk or .com.au. Rather, it's offered independently by a Korean company (http://co.cc/) that just happens to own the domain name .co.cc.

Google classes the firm as a "freehost", and has exercised its right to block the whole domain "if we see a very large fraction of sites on a specific freehost are spammy or low-quality", according to Matt Cutts, head of Google's web spam team.

Read more

 

[jamescv7]

Google did it right, as domain co.cc was always linked for viruses/malware.

 

[Dejan]

Initially .co.cc wasn't meant to be used for malicious purposes, but the fact that it's free, easy to obtain, needs almost no personal information for registering is what makes it so easy for spammers and malware writers to use it to they're advantage, I think Google made a good decision with this one.

 

[Vextor]

Now while I agree that co.cc links are linked with malware and scams, some legitimate people do still use them. I really have no opinion on this.

 

[MrXidus]

... And nothing of value was lost, Its good to see this useless domain removed, When ever I saw a co.cc link it was either spam, virus or simply just a re-director to viruses, surveys, PPC.
I might have 1 or 2 good websites on it but that was very long ago.

 

[Jack]

... And nothing of value was lost, Its good to see this useless domain removed, When ever I saw a co.cc link it was either spam, virus or simply just a re-director to viruses, surveys, PPC.
I might have 1 or 2 good websites on it but that was very long ago.

Very true.Most of the sites on this site had malicious or unwanted content, so not a bad decision from Google.Those who want to build a good site will have no problems buying a real domain and hosting services.
Would be interesting to see how many users were going to this sites as a result of Google Search ,and how many were redirected to them from another domain.

The .cc top-level domain belongs to the Cocos (Keeling) Islands, a small Australian territory in the Indian Ocean. Regular .cc websites are unaffected by Google's changes

Maybe one day Google will deal with them too, the. cz.cc , .co.kr.domains are also being used for malicious purposes.Also .com.ru and .com.cn are suspicious enough.

 

[jamescv7]

A small percent of chance you can see a legitimate under a domain of co.cc.

 

[Dejan]

I did use .co.cc domains for some of my past sites, along with other people from the same IRC network we were on, but your right that very little people use it for legitimate purposes and even less make they're sites useful or professional.

 

[Jack]

Google’s Decision to Ban an Entire SLD Is a Paper Tiger​

Google recently removed websites under the .CO.CC second-level domain (SLD) from its search engine’s results. As a means to protect users, we do not think this is a good solution.

Based on our research and monitoring of malicious domains and cybercrime activity, we know for a fact that all major cybercriminals have already moved from *.co.cc to other similarly abused SLDs like *.rr.nu or *.co.tv. This abuse of rogue SLDs is excessive and is rapidly escalating. Cybercriminals routinely jump from one SLD to another in order to keep their FAKEAV via blackhat search engine optimization (SEO) schemes alive, among other Web-based attacks.

The following list of the number of malicious URLs we found on certain SLDs suggests why blocking *.co.cc domains is a short-term band-aid solution:

In addition, if we chart the typical infection chain for the majority of blackhat SEO attacks nowadays, you will notice that the malicious SLDs are more often used for the second, third, up to the fourth jumps or redirections. The doorway pages—those that are actually indexed by search engines—very rarely use *.co.cc. So, blocking these makes no sense.


The recent ICANN decision—to add a nearly unlimited number of new top-level domains (TLDs)—will make the problem even more complex in the very near future. Add to this the fact that ICANN requires parties interested in becoming a TLD registrar to deposit a certain sum of money in order to get accredited. Knowing how the cybercriminal mind works, we are pretty sure this is practically an open invitation for cybercrime gangs to launder money while running a completely malicious TLD.


Read more

 

[Jack]

Interestingly enough, the CO.CC General Manager has posted a message on Google's webmaster help forum in which he challenged Google to block the blogger and facebook pages from search results since it chose to do the same with the all .co.cc websites.

This is General Manager from co.cc.
I tried to contact to General Manager of Google but I haven’t got any reply from him. Therefore, I post my message in here to ask you forward this to him.

I know the reason that Google deindex to co.cc because it has high ration of malicious sites and low quality sites. However, I don’t think it is right decision that Google just block the whole domain which has 10 millions co.cc sites and 200millions webpages without any notice to us.

Within total co.cc sites, the fraction of malicious sites is not over 0.01%. We have block malicious domains that we got this information from many major vaccine companies including Trend Micro and Symantect since 2010. And also, according to Spamhaus advices, if there is any new domain set, we are checking whether the server IP is not list to Spamhaus Block List. In addition, once we get malicious domains information from major vaccine companies every day, we are promptly doing Shinkhole.
With these kinds of serious monitoring and taking prompt actions, the ratio of operating malicious domains have been not over 0.01%.

We have no right to force internet users making high quality web pages. It is obviously to overstep our authority. Each internet user has their own right to make their website and it is their ability to do so.

As you know, xxx.blogspot.com and facebook.com/xxx have about 70%~80% that have been just setting there without any caring. On the other words, those are actually low-quality sites.
I have a question to you. “Can you deindex those *.blogspot.com and facebook.com/* sites? Your Google-robot is already smart enough, so those low-quality sites are rarely exposure due to falling into behind of dominant searches. If necessary, you might need to make more smart Google robot.


Read more

 

[Dejan]

This is untrue for one and just dumb really.
The amount of malicious and scam sites using .co.cc domains is much higher then what they stated, I don't know the exact percentage, but I'm sure it's higher then this. And as far as I know, most *.blogspot.com sites aren't malicious or even close to the amount they stated.

 

[jamescv7]

The General Manager must aware that the domain was a place for malware unlike blogspot not at all were malicious.

 

[Littlebits]

It should be up to the domain owners (CO.CC) to stop the malicious sites but since they haven't been effective to remove or stop the malicious registrants, Google made the right decision to remove them from their search results. However the domain has a Comodo Trust logo verified which applies to all sub-domains? Very strange that Google blocked a domain that has a Comodo Trust logo.

Thanks.

 

[HeffeD]

However the domain has a Comodo Trust logo verified which applies to all sub-domains? Very strange that Google blocked a domain that has a Comodo Trust logo.

The trust logo just tells you that the domain owner has been verified and that they use SSL for online transactions. Nothing more, nothing less. So, if you want to buy a domain from them, you can be assured that you aren't falling for a phishing scam.

And no, sub-domains do not count. Just because the domain owner is who they say they are, this does not mean anyone who is using their services is who they say they are.

 

[Dejan]

True, since the company itself can't (or at least doesn't) control every new sub-domain registration and what the sites using these sub-domains are.

 

[Littlebits]

However the domain has a Comodo Trust logo verified which applies to all sub-domains? Very strange that Google blocked a domain that has a Comodo Trust logo.

The trust logo just tells you that the domain owner has been verified and that they use SSL for online transactions. Nothing more, nothing less. So, if you want to buy a domain from them, you can be assured that you aren't falling for a phishing scam.

And no, sub-domains do not count. Just because the domain owner is who they say they are, this does not mean anyone who is using their services is who they say they are.

Thanks for the info, I wasn't sure about Comodo Trust logo many people misinterpret its purpose, I known visited another co.cc sub-domain that also had the trust logo as well. It was a site for a freeware open-source project known to be safe. I know Comodo has been more strict on issuing Trust logos.

Too bad so many people abuse a free hosting site and get it blocked by Google, it is a disadvantage for those who use it correctly.

Good day.

 

[Jack]

As expected the cyber criminals didn't stop after Google banned the co.cc domain...they've just switch to other alternative second-level domains like co.cz, uni.cc, and bz.cm.

Kaspersky Lab analyzed this behavior and this is their conclusion :

Google’s actions may not have been very beneficial. On the one hand, they have removed a huge amount of malicious resources from their resource. On the other hand, they have forced out a lot of legitimate websites. Moreover, as there are many services like co.cc, the cybercriminals will quickly switch over to another service, making the blocking of just one zone completely pointless.
Read more