Hacked affiliate sites

[IV]

to get ppc traffic involved at least three or more parties and this is not possible to find all this chain.

[bb1web]

Hi all,

Ivan please help us out here because if you're innocent then it benefits you too to help get rid of those who would do others wrong.

pretty clear, that much.

I may not know a lot but i know PPC pretty well. Maybe between myself and help of the smarties here .. we can figure out who is benefit in the end.

Because whoever is making money is who is guilty of this, but problem is ... there could be more than one party making money from this situation ... but not all the parties are aware this is traffic gained thru criminal behavior.

Rick is that about right so far?


first thing is which PPC is the traffic coming from?

can you guys figure that much out with what is available now?

[bb1web]

to get ppc traffic involved at least three or more parties and this is not possible to find all this chain.

Perhaps not if you will help us by looking thru your site stats. I imagine they should be able to tell where the traffic is coming in from ... and shouldn't that be a start?


*sorry if I ask something dumb, nothing ventured ..



.................

btw: I don't have time to go back thru and thank everybody ... and I read this before logging in so I couldn't do it at time of reading, but anyway big thanks to Terry, Rick and others who have helped out, and special thanks to Ivan for patience and understanding as to why the newbie was pointing a finger Ivan's way. Hell I would have too probably.

[pgaming]

Not really complicated. A PPC source was hired paid to send traffic and they did through whatever means possible. Botting the web, looking for relaxed htaccess permissions to inject their redirects they obviously found one ron66’s site.

IMO all three parties are at fault here, ron66, IV, and the PPC Company. However none of this would have occurred if the htaccess permissions were set to disallow this injection. Regarding IV well I too have met him and must agree with casinobonusguy’s comments. And lastly the PPC/ SEO Companies hired are likely the guiltiest party.

A hack definitely not the file was open for rewrite. Nothing was taken or destroyed besides this would be the work of a cracker not hacker. A file was modified with the permission of the site holder.

If I understand the situation correctly? The beneficiary would be IV.

greek39

[Squigley]

I don't think IV would benefit from this any more that he would get what he paid for, that is, traffic.

The owner of the site at the ip address from the htaccess file (whose name and gmail address are listed in whois) either gets paid from the ppc company or he does not. If he gets paid he is most likely the culprit.

It seems the site at that ip address has already been associated with dodgy activity (hxxp://geekpolice.forumotion.com/malware-urls-f41/protectxyourcom-information-t18140.htm)

If he does not get paid from the ppc company, then they should know who does get paid. They do have an abuse report form on their site.

So I guess it is up to the OP what he does now.

[pgaming]

I stand corrected my apologies. I should have not posted anything without diving into the matter further my mistake.

greek39

[bb1web]

I don't think IV would benefit from this any more that he would get what he paid for, that is, traffic.

well you benefit by converting the traffic that has been redirected to your site. And trust me on this, if it weren't on the shady side, I'd be all over buying PPC traffic that I knew was real. ... such as in this case where its coming in from search engines (as I understand it) and then being redirected so that's good traffic.

IV may not have known how it was acquired but I can certainly understand (now) any reluctance to pursue this. Its probably been converting for him.


but in any case as mentioned, there is more than one party to benefit, but it doesn't mean all parties are guilty.

.......


what PPC is it? Did that ever be established? someone mentioned they had a report abuse page. what PPC is it?

[Squigley]

Looking at the source of the google cache for the ppc.php page at the specified ip address shows that the links and images point to hxxp://iwebimg.net. That site in turn says it is presented by hxxp://rivaclick.com. The link to the abuse report is at the bottom of that site.

[bb1web]

well done sir/madam.

[bb1web]

these were the top bidders for "casino"

well done sir/madam.


If any of these look familiar to you ... now you know where your traffic has been coming from (If i understand everything correctly, these are the top bids and I'd imagine the title of the ad? ... for keyword "casino".

does anybody recognize their ad? I would be curious thru what PPC you bought the traffic so I can avoid it. After looking over that rivaclicks site ... t he top money making words were more times than not ... spelled with letters which I cannot make using my keyboard. Usually, that traffic is not near as good as traffic from places that do use english. IMO

1SuperSlots - 100% - Up to $300 Signup bonus0.7799
2$2500 no Deposit bonus* HD Casino0.6699
3Play Online Casino Games at BetUS Casino0.6615
4$5000 Free Casino Cash0.4693
5The Best Online Casinos. US Players OK.0.4191
6Free Casino Cash. Casino0.3773
7Get $777 Casino Bonus. Free Casino Games0.3773
8Find the Best Deals for casino0.3069
9Shopping for casino?0.2442
10All about casino Here!

[universal4]

The person buying the traffic from the ppc can NOT be held responsible for this.

The person getting the money for the clicks FROM the ppc certainly has a hand in this (inmyopinion) and if the person earning the commissions from the ppc is NOT involved, then what incentive is there for any hacker/cracker whatever, to compromise a site or htaccess file and redirect traffic to a page full of ppc ads that someone else is earning from?

Now, the ppc itself is not exactly at fault here, but if we would prove to them that the person involved in the hacking is doing so and they continue to allow the practice to continue and continue to pay for such traffic, then they would be at fault for accepting such traffic.

If you look back to my very first post in THIS THREAD I have stated all along that the original accusation was likely leveled at the wrong individual.

Rick
Universal4

[IV]

two examples for ppc traffic:
#1 advertiser<->ppc company<->traffic source
#2 advertiser <-> ppc<->ppc<->.....<->ppc<->traffic source

There are no big problems in first case, but low ammount of traffic.
In case #2 big amount of traffic but about 50% of them not real visitors - software generated traffic. Good trafic comes using seo - about 100% real visitors and about 70% of them targeted. I have about 50% real visitors from good ppc, rest of them generated. Others ppc companies bring about 50% - 99% not real visitors. I am wasting at least 50% of my ad budget to buy ppc traffic.
I have experience working from pioneers of ppc like goto, finwhat to new ones. First five years I was trying to catch cheaters. Nobody opened names of their traffic sources even when I proved that I received questionable traffic. ppc company only can close the account for that traffic source today, but tomorow same person will open new account with new company name, new site and same fraudulent technology. This is real life. It does not help even if you find name of that person. Now i do not waste my time to find cheaters. It does not help. I am working to protect my business and avoid questionable traffic. This is my point of view.

[universal4]

IV,

That is all well and good and I agree that the cheating traffic from ppc is part of why it is difficult at best to get a decent ROI from ppc ads....but it is still possible.

BUT....this thread is about an individual that hacked a sites htaccess file and redirected traffic to a different location.

The only reason ppc comes into play is because the page the traffic was directed to had ppc ads on them which is an indication of who was behind the hack.

If anyone knows anyone at the ppc is question, that is a lead as to tracing down who is behind this.

Because of the ppc's privacy policy, they will likely NOT reveal this info, but if they would at least dump that individual from earning money for their traffic, that at least would be a step in the right direction.

Rick
Universal4

[ron66]

Well it's very simple for me IV. I have never given anyone permission to change my htaccess file. If anyone did, they did it without my permission.

It's just like someone broken into your house just after fresh snow has fallen outside. I just follow the footsteps in the snow and it's leading me to your house.

So there is a problem in your house, it could be you it could be someone else. If you are saying "I'm not the guilty one" Fine.. but than it's up to you to figure who is.

You say (ron66 should contact his hosting company if he has any problem with his server.)
5 minutes after I saw what had happened I phoned my hosting provider, they told me that an IP number from the USA has been making the changes.

You say (ron66 should think before send any messages.)
The message is exactly as it has happened.. and it has been copied one on one.
The address http://91.203.71.19/ppc.php is still leading to a page with your websites on it.

If you say "I just pay money for traffic. That's it."
Than I think that's to easy. I could pay someone to to shoot some else. That would make me just as guilty as the one who shoots.

I can imagine you didn't know that you where buying traffic that has been stolen. But not acting on it now and saying in another post "Now i do not waste my time to find cheaters." makes me wonder…..

Hi.
I am owner of casinobonus4u.com. I am over 10 years in this business and I never heard more stupid thing like this. It looks like this guy ron66 new in this business and does not understand anything how seo companies work. I buy traffic from different seo companies who redirect search engines traffic to my site. This is paid traffic. I do not need to hack any sites or search engines. I just pay money for traffic. That's it.
I hide some affiliate id for seo purposes, lots of affiliates are doing same.
ron66 should contact his hosting company if he has any problem with his server.
ron66 should think before send any messages.

[Chalkie]

This is quite an unfortunate thread and what happens no one can agree it is right, fair or ethical in any way.

To IV i say, why are you not a little more sympathetic towards the issues that Ron has suffered? The aloof manner with which you have reacted does very little to reassure anyone that you are innocent, however, i am not considering you to be the guilty party.

It would be nice if you would spend just a little time trying to help break this scam, even if it is just to appease people who are suffering.

You say that it is a standard event that happens regular with ppc in this way and that if they are stopped today, they will simply open up tomorrow and start all over again. Well, do you not feel a company that will allow this should be outlawed? They could surely put in better ways to police this and fight harder to stop this type of fraud. If they are not prepared to try then they are as good as committing the fraud and should not be supported in anyway.

To Ron i say, please consider IV to be experienced and busy, he is very unlikely to be the guy who is gaining from this. Infact, he is likely getting no more than he is paying for through the PPC deal he is on than if all the traffic was sent legally by them.

I understand your upset and frustration, however, taking 100% out on IV is unfair and counter productive.

Plenty here would like to help catch these thieves, however, without too much ammunition it is hard to do so.

Perhaps telling people the ip address of the culprits as you have this info from the hosting company.

This is very unlikely to end with the people being caught, however, if enough time and effort is put in by the right people it just may.

[ron66]

I'm not taking it out a 100% to IV and I understand he is probably a victim in this case.

But waving it away, and doing nothing is not what I expect from someone with 10 years of experience. A little help in finding out what has happened here could be very productive.

And I would try to do everything possible to make sure this http://91.203.71.19/ppc.php would go offline. But it's still there.

To Ron i say, please consider IV to be experienced and busy, he is very unlikely to be the guy who is gaining from this. Infact, he is likely getting no more than he is paying for through the PPC deal he is on than if all the traffic was sent legally by them.

I understand your upset and frustration, however, taking 100% out on IV is unfair and counter productive.

[ron66]

I ask my hosting provider about this. they say it's 644 and not 777 protected. (htaccess)

Don't know much about these things, but I do understand it was not open for everyone to modify.

But about one thing I'm really sure... I NEVER! have given anyone permission to modify it.

A hack definitely not the file was open for rewrite. Nothing was taken or destroyed besides this would be the work of a cracker not hacker. A file was modified with the permission of the site holder.

[pgaming]

Hi Ron,

I totally sympathize for what has occurred and feel somewhat sorry. I understand you did not intentionally permit anyone to modify your htaccess, figuring your file was safe. I always believe before all else gaining knowledge making your work secure is likely the number one priority. Why build a house with no doors?

For myself I would not consider this a hack, crack or anything else. Again, like you agree the file permitted such changes by almost anyone. However this does not justify what has occurred. A few people have taken advantage of you in a maliciously and cowardly way. A few weeks back I found a BlackBerry Smart Phone in a parking lot. I could have kept it installed new software and the phone would have been mine. The moral debate whether or not I should keep it lasted for a minute. Well I tracked down the owner and returned the phone the right thing to do IMO. Some would have kept the phone and likely justified it by the person should have not lost in the first place.

Webmasters should shy away from these corrupt malicious seo/ppc companies. In the end there nothing but a nuisance, they are the equivalent of street gang. Looking for free opportunities every chance they get. They would have kept the cell phone and sold it the next day.

Well enough gibberish the fact IMO all parties involved should share some of the blame. Lock up that file.

greek39

[IV]

ron66,
Other smart thing from your side ron66: access to your hosting was from US IP, but you know I live in Canada.
I am 10 years in this business because of I am working legal way. Nobody can prove the opposite. I see you like walking on snow, but snow and internet are a little bit different things.
Not a problem if you do not understand simple things. the problem is you are not going to understand this. You ron66 have to think before pointing a finger in my way.
I think you are cheater. You have access to your server and you did these changes to make money per click. You cannot prove that you do not get money per click. You play this game to get attention to your person and become popular in one minute. You will not solve the problem in this way.

Well it's very simple for me IV. I have never given anyone permission to change my htaccess file. If anyone did, they did it without my permission.

It's just like someone broken into your house just after fresh snow has fallen outside. I just follow the footsteps in the snow and it's leading me to your house.

So there is a problem in your house, it could be you it could be someone else. If you are saying "I'm not the guilty one" Fine.. but than it's up to you to figure who is.

You say (ron66 should contact his hosting company if he has any problem with his server.)
5 minutes after I saw what had happened I phoned my hosting provider, they told me that an IP number from the USA has been making the changes.

You say (ron66 should think before send any messages.)
The message is exactly as it has happened.. and it has been copied one on one.


If you say "I just pay money for traffic. That's it."
Than I think that's to easy. I could pay someone to to shoot some else. That would make me just as guilty as the one who shoots.

I can imagine you didn't know that you where buying traffic that has been stolen. But not acting on it now and saying in another post "Now i do not waste my time to find cheaters." makes me wonder…..

[shayla69]

Yes i it a virus i dnt think noone hacked into ur site i was reading about it also online and some of my co-workers were also talking about.