volunteers

What to Do When Your Content Appears on a Compromised Site

Hacked Site ImageThere are many despicable places that plagiarized content can wind up. Spam blogs advertising questionable pharmaceuticals, forums promoting hateful speech and pornographic sites that have nothing to do with your images or material (all things that have happened to me).

However, a recent trend I’ve been noticing in my work has been taking things to the next level. In the past month alone I’ve observed at least two cases (likely several more as several sites were down) of content being lifted, plagiarized and posted onto compromised sites.

In short, innocent websites are being turned into spam blogs and copyright infringers not because they did anything wrong, but because they had lax security and a domain that was trusted by the search engines.

From a content creator’s standpoint, dealing with these infringements is much trickier than with “normal” cases and, if they truly are on the rise and this isn’t just an anecdotal experience, it’s like a problem that more and more webmasters are going to be confronted with.

So why is more and more plagiarized content appearing on hacked sites and what can be done about it? To understand we first have to look at what is actually going on.

The Appeal of Site Hacking

Back in April, word spread quickly that a botnet was targeting websites and trying to gain access to their administrator panels. Though the attack was first billed as a WordPress one, later news revealed that other content management systems were being effected as well.

To be clear, this wasn’t so much a “hack” as it was an attempt to brute force into a site. The idea was to try the basic username and password combinations and, though they wouldn’t work on most, they’d work on enough to make the effort worthwhile.

But this wasn’t the first time websites were targeted for a hack nor will it be the last. In fact, Stop Badware reports that they’ve helped over 140,000 sites get de-listed from their blacklist and have more than a million other URLs on it that blacklist.

There are many reasons why an attacker might want to compromise a website. Outside of personal grudges or disagreements, many compromised sites are used to distribute malware or simply have their servers taken control of so they can be used in later DDOS attacks.

But an increasingly common reason is for the posting of spam content. This has been going on for quite some time, but with the Panda and Penguin changes in Google’s algorithm, often referred to collectively as Google Zoo, this method seems to be becoming more and more popular as hacked domains have a high level of trust and generally escape being caught in search engine filters.

But while Google does try to detect compromised sites, that effort is targeted at sites that are either distributing malware or have been completely altered. Many compromised sites don’t actually have their home page changed and, instead, the spam content appears in a subdirectory away from the rest of the site.

It’s possible for someone to have their site compromised, be hosting a large amount of spam content and never be aware.

However, this content still appears in the search engines and, if the content was lifted from other sites, can be detected by a copyright holder looking for copies of their work.

When that happens, the original creator has a tough choice in how to respond.

Responding to a Compromised Spam Site

If you run across a site that you suspect is an unwitting spam blog, filing a DMCA notice is, most likely, a bad idea. While the content is infringing and you are well within your rights to do so, the notice could result in the closure of the entire domain, at least temporarily, and could seriously harm someone who has not done anything wrong.

Instead, I suggest the following steps:

  1. Confirm the Site is Compromised: Though you might not be able to confirm it 100%, visit the root domain and see how it looks compared to the infringing page. Do they look connected? If the infringing content is on an unconnected page deep within the site and it doesn’t look anything like the home page, it most likely was compromised.
  2. Notify the Webmaster: Find the contact information for the site’s owner, ideally on the main site itself, and let them know what is going on. Tell them to contact their host’s support team if they have any questions about what to do.
  3. Talk to the Host: Failing that, file a notice with their host either through the support or the abuse team. Let them know that you have reason to believe the site was compromised.
  4. File a DMCA Notice: If the host won’t take any action without a DMCA notice, go ahead and file it but add language to make it clear that you believe the site was compromised and you are only seeking removal of the spam material.

THe basic tenet of this is that the person who had their site hacked is a victim and, as another person who was wronged, you have at the very least an ethical obligation to not make things worse for them than they have to be.

It’s bad enough they were compromised, had their site used for spam and, most likely, suffered some with the search engines because of their hosting spam on their domain. You don’t need to make it worse by closing them down, especially if it can be easily avoided.

Bottom Line

The truth of this is simple. Google’s recent crackdown on spammy sites hasn’t made spammers go away or start up legitimate sites. Instead, it’s compelled many to simply try more devious tactics and turn to other forms of spam. Comment spam, for example, was in decline for the latter part of 2011 and much of 2012 but is on a sharp rise again.

Spammers aren’t going to go away and they aren’t going to start creating their own content. They can’t. The needs of their operations are simply too great so they either have to generate or copy the content to fill their pages.

Unfortunately, as the spammers get more devious, so too will the situations you find yourself as you work to defend your content.

However, just because the spammers are being even more diabolical doesn’t mean you can stoop to their level and harm innocent people. If you handle these situations right, you’ll likely help out a stranger and may make a new friend, handle them wrong and you could wind up being hated more than the person who originally hacked the site.

It pays to be the better person, even if it requires a bit more work.

Leave a Reply

STAY CONNECTED