Why free webhosts need to get rid of spammer redirects
I’ve been talking about the blasted redirects for some time now. They’re not new. This has been going on for a looong time. What was new to me was the use of unauthorized uploads.
But it’s time to focus on free website services and redirects.
Why is that so bad?
Free webservices are generally based on one business idea: Ad revenue.
And that’s not what the spammers are after. They want surfers to see THEIR ads, and nobody else’s. Which breaks the free webservice business model. Which means they need to break the redirects, and preferably scan their harddrives for websites using those kinds of redirects and booting them off the service.
My latest analysis was alice.it. There’s a javascript file pointed to from xoomer.alice.it/put0/3/, which has a convoluted but easy to decipher javascript on it that does the redirect. Not understanding Italian, I couldn’t find a way to notify them. If there are any Italian speaking people here, could you help? Comment here if you notify alice.it.
August 21st, 2006 at 5:07 pm
Thanks SO MUCH for all your tips & pointers.
Between you, Akismet and Bad Behaviour, I’m down to 1 spam a day on the websites I run, from a peak of over 300 per day. I’ve lopped 70% off my traffic without hurting my real readers. My IP banlist is so complete that the spammers are shitting down their left leg trying to get in, but no friggin’ dice.
Machine translators are not so hot just yet, but you should be able to use Altavista Babelfish to create simple messages understandable in Italian, etc. I re-translate to English whatever I convert to foreign languages to make sure the text makes some sense. Short & sweet like “Please stop spammer on your system” (Arresto prego lo spammer sul vostro sistema) translate well enough to get you what you want.
Many thanks!
August 22nd, 2006 at 1:20 am
BTW, you wouldn’t happen to have a complete list of HANARO.COM & KORNET.NET IPs, would you? The world would be so much better off if all of .kr was simply devnulled.
October 1st, 2006 at 3:11 pm
We’re running a free web hosting business and really want to do our part to prevent and eradicate redirect spam on our servers. Our TOS explicitly states that spam, virus, spyware, malware, etc is strictly prohibited, but obvoiusly that doesn’t prevent idiots and malicious parties from abusing that policy.
Is there any documentation or software that you guys can point us to that would help us to detect and delete this type of code? We wrote some pretty robust anti-phishing logic for our file uploader, but haven’t had much luck identifying the patterns in the highly obfuscated redirect code that redirect spammers are using.
We definitely DON’T want it on our servers, and it’s become more and more of a problem lately.
October 1st, 2006 at 3:34 pm
To Paul, first of all, do searches. For your domain, and frequently spamvertized terms, like various types of pills.
Second, make it known to bloggers that you terminate spammers on sight, and maybe they’ll send you a tip each time they find something. Like I’ll do now. I’ll do a query and send you what I find, just as a start.
Second, if and when you do find something, analyze the javascript, and find the part that does the redirect. Check your servers for other instances of that code, and terminate.
Also, check out the TOS/AUP on this page, and amend as needed, then add your site:
http://spamhuntress.com/wiki/Spam_unfriendly
August 26th, 2007 at 3:54 pm
The only way to get rid of spamming/hacking is by preventing at leaast 60%, that is coming from Africa,unfortunately…