Rogue Affiliate Hacking Scheme Uncovered; Educational, Government Sites Targeted

A rogue affiliate operator based somewhere in central Europe is believed to be responsible for an extended hacking scheme targeting seldom-updated pages on mostly US-based institutional sites.  The scheme’s temporarily successful intent: Inserting secretive backlinks into these pages, thus creating top-page SEO rankings on Google for the affiliate’s link-farm style site.

hacker_inside_logoNews of the hack was recently revealed by eTraffic, an online-search and marketing firm, including online gambling.  ETraffic researches revealed on Thursday that they have stumbled upon the scheme, in which at least 76 web pages had been subtly altered to include such backlink phrases as “real money slots online” and “online casino,” among many others.

The secretly-altered pages are predominantly on the domains of US-based colleges and universities.  The list of notable institutions whose websites were hacked by the unidentified rogue includes such well-known schools as Duke University, Stanford, the University of Michigan, Dartmouth (an Ivy League school), the University of Florida, the University of Kentucky, plus many others.  A few local-government and non-US domains are also among the list of sites known to have been hacked.

The purpose of the hack was quite clear, and explained at length in the eTraffic piece.  By creating the hidden backlinks from already high-ranking sites, the lawbreaking affiliate achieved top-page Google ranks for many different keyword and phrase searches.  Google’s long-broken algorithm has been abuse in such ways in several instances in recent years.  Click-throughs by gambling customers who search for the key phrase can translate into quick conversion payments for such cheating affiliates.

Here’s a sample of how the backlink text (italicized) was inserted, clunkily, into unrelated pages.  This comes from the official site for the city of Reading, Pennsylvania, among the dozens of victimized domains:

… File an Annual Business Privilege Tax Return

Most businesses are assessed a small fee based on gross receipts generated on the sale of goods and services in the City. Detailed information is available on the City’s web-site.

Obtaining a Health Permit

The sale of food is online casino games real money no deposit also regulated by certain health and safety codes, and permits that are issued by the Property Maintenance Division at City Hall. It is against the law to serve food or sell groceries without the required permits. For additional information, contact the PMD at 610-655-6283. …

Most of the hacked sites have since been fixed, though some examples still remain.

As to who’s responsible for the hack, that’s not yet publicly known.  The site (which we won’t name or link to, which would be self-defeating), is registered anonymously through Company Gransy (Gransy S.R.O, d/b/a Subreg.cz), a Czech Republic-based sub-registrar.  And the site is hosted in Frankfurt, Germany, at one of European hosting service Leaseweb’s many server sites.

The illicit link farm is still active as of today, though it is likely that several response actions are in the works.  Such responses likely include takedown orders involving the hacking’s beneficiary domain, plus a likely manual blocking of that domain from all Google results, when and if Google ever gets around to it.  Civil and criminal charges are also possible once the hacker is identified.  The affiliate’s link farm includes offers for sites created by Microgaming, NextGen, NetEnt, BetSoft and Real Time Gaming, implying that the rogue affiliate currently has deals with those gaming providers, at least temporarily.

COMMENTS

Leave a Comment

*

LATEST NEWS

filter by

Haley Hintze

23rd August 2019 // Industry, Misc, News, Online Poker Action

PokerTracker Site Hacked, Credit-Card Details Possibly Stolen

An unusual case of site hacking may have affected some recent purchasers and users of PokerTracker 4, the...

Haley Hintze

23rd August 2019 // Misc, News

Vegas Police ID Slain Laughlin Casino Robber

The Las Vegas Metro Police Department has identified the man who was shot and killed by a Metro SWAT team following the...

Haley Hintze

21st August 2019 // Legal News, Misc, News

Phil Ivey-Borgata Update: WSOP Event 58 Winnings Confirmed Garnished

Flushdraw has confirmed via court records that New Jersey’s Marina District Development Co., LLC, the parent...

Haley Hintze

21st August 2019 // Industry, News, Online Poker Action

PokerStars Slashes Cash-Game Table Cap

In a move made without advance notice, industry-leading online poker site PokerStars has dramatically slashed its table...

Haley Hintze

20th August 2019 // Industry, Legal News, Misc, News

Unibet Fined €470,000 For Targeting Dutch Online Gamblers

An increasing crackdown by the Netherlands Gambling Authority against operators illicitly targeting the country’s...

Haley Hintze

18th August 2019 // Industry, Legal News, Misc, News

DOJ to Appeal Wire Act Loss

The US Department of Justice has confirmed its previously announced plans to appeal the early June decision by the US...