When the volcano Eyjafjallajökull erupted causing a chaos in the air traffic, on the one hand I remembered all my colleagues who were in Barcelona at the BlackHat Europe (many of them are still there thanks to the volcano…) and on the other I thought about the typical attacks we see everyday using the search engines. However, this time I made a bet: “I bet anything that there is no SEO attack using the name of the volcanoâ€
Everything is fine for the moment, as nobody seems to know the correct name of the volcano. Taking a quick look while I was writing this post, I’ve seen these 4 names in 4 different media:
Eyjafjöll
Eyjafjallajökull
Eyjafjalla
Eyjafjallajokull
And this is the result of malicious links when you search the names:
Eyjafjöll                  -           1 result
Eyjafjallajökull    -           0 results
Eyjafjalla                -           0 results
Eyjafjallajokull    -           0 results
It seems I was almost right 
And at least both the first and second names are right.
Anyway, don’t you think that we are free from malicious searches, as we have an avalanche of malicious results when we look for words related to the news:
- Malicious results as shown in Google
The words used by the cyber-crooks in this attack are the following (for the moment):
Iceland Volcano News
Iceland Volcano Images
Iceland Volcano Eruption
Iceland Volcano Video
Icelandic Volcano
Iceland Volcano Satellite Image
Iceland Volcano 2010
Volcano in Iceland
South Iceland Volcano 2010
Volcano 2010
When clicking any of these links, we are redirected to different websites from which different fake antivirus (rogueware) try to be installed on the computer:
Adware/SecurityTool
- Adware/CleanUpAntivirus
- Adware/CleanUpAntivirus
Jökull is glacier and fjall/fjöll mountain in Icelandic.
So we can translate the volcano’s name as “glacier mountain”
No malicious results on that term… yet
To clear the confusion, the volcano Eyjafjall is under the glacier Eyjafjalljökull and the glacier got it’s name from the volcano.
I think the volcanoname means something like “islandmountain”.
I don’t know if it’s possible to call a volcano for malware otherwise I suppose I’m quite off topic.☺
Nope, sorry, it’s a feature not a bug.
Strictly speaking Eyja is “island”, fjöll is “mountain”, fjall/a is “of the mountain” and jökull is “glacier”
Eyja-fjalla-jökull is therefore glacier-of-the-Island-mountain
The correct name would therefore be Eyjafjöll meaning ” Mount Island”.
A proper english equivalent that describes the event would be the “Mount Island eruption”.
The search term Eyjafjallajökull (cut and pasted here) was not used by the criminals because it wasn’t used as a keyword in searches. It wasn’t searched for because yes it is difficult to spell. The keyword never made it on Google Trends. The criminals simply ask Google what people are searching for using Google Trends and use the resulting keywords in their BlackHat SEO logic. This is a very effective BlackHat SEO methodology for current events. Other BlackHat SEO tactics are at play but the keywords utilized are less time sensitive and not event driven.