Working toward the heat death of the Universe, one joule at a time!

Working toward the heat death of the Universe, one joule at a time!

I get, as readers of this blog will know, a lot of spam. I’ve been using the same email address for decades (my AOL address since 1992, my own domain address since 1996), so I’ve had plenty of time to get on a lot of spam lists.

Recently, I started to see a whole series of very similar spam messages, all variations on the same message (“Hot Lady Wants You to F*ck Her,” “Invited to H00kup”) and all advertising redirectors on hacked Web sites. I’ve received a ton of these spam messages–about 75 in the last three weeks alone, with more coming every day.

The spam messages all spamvertise malicious redirectors that are placed on hacked Web sites. The redirectors all go to a destination that says “This is NOT a dating site! WARNING! You will see nude photos. Please be discreet.”

There’s a lot of hacking activity going on. Every spam message points to a different hacked site, all of which redirect to a whole network of identical landing sites. This, then, is the work of an organized, deliberate hacker or (more likely) group of hackers, likely using automated tools to hack vulnerable Web sites and plant the malicious redirectors.

Curious, I decided to go down the rabbit hole, to see what I could find out. I started collecting the spam emails, tracking how often they came in, what URLs they spamvertised, and where those URLs redirected to.

I discovered an organized gang of hackers and fraudsters operating out of a series of companies organized in Cyprus, who had built a large network of hacked sites and were using the hacked sites to funnel traffic into a fake dating site that attempts to get rather a large amount of money from marks it cons into signing up. …