SEO poisoning is a sophisticated attack that is being perpetrated on a daily basis. Basically, the hacker includes a script (in apache config, in your WordPress blog, htaccess, etc.) that says, if the incoming user agent = googlebot, etc. SEND THEM here. If it’s not, display that site.
So, in our customer’s example, all of his SEO rankings were showing porn, Viagra, etc., but to end users, the site worked just fine. So when Google crawls his site, Google is redirected to other content. Google indexes it, and moves on. So now, ALL of the SEO for the site is showing indexed data for the porn site.
Even worse now, the one we dealt with last week, was operating a ‘webring’ of sorts. That is, the sites referred to each other as well. These cracked sites were thus increasing the SEO value of the porn links exponentially as the ring grew (as more infected sites were added). This was growing at approximately 30 sites a day.
The main ‘benefit’ here is that Google indexes this hacker’s site, using your back links, etc. to your site, to grow his own SEO value.
Unfortunately, this is a sophisticated attack, and usually has many layers (in this case, the redirects were in 4 different places, and took hours to identify all of them).