How spambots work

On pastebin

Via twitter.

Great commentary on HN:

 You can search for the longer phrases in the spintax and find all of the places this spam was dropped before it apparently “barfed its recipe.” It’s pretty fascinating – Google returns over 600,000 results:
https://www.google.com/?gws_rd=ssl#q=%22time+to+make+some+pl…
Looking at this link (http://prophesyagain.org/radio/#comment-98), it looks like this spam was left for a URL that redirects to http://www.itunescoms.com/, a fake looking iTunes knockoff that probably drops all kinds of nasty adware/malware on your PC.

For those unindoctrinated in SEO spam, the trick is to get past the spam filter, then leave a link in the name/username. You generate hundreds of thousands of backlinks to one page, which Google considers “votes” for your website. You can either send links directly to your “money site” or you can send them somewhere else and do a 301 redirect, passing the link juice.
Usually a spammer starts using something like Scraperbox and a lot of proxies to find thousands of blogs or forums with open comment fields, then use a script like the OP plugged into something like XRumer (http://en.wikipedia.org/wiki/XRumer). The syntax of the OP is called spintax, and it basically chooses a random word inside of the {}s, creating an infinite number of comments. You find a few hundred thousand open comment fields to post in, ride a little wave of SEO boost until Google finds you and kills your site, rinse and repeat.
Nowadays most spam syntax as simple as the OP will be caught in filters or penalized by Google, but most spammers are actually really bad at what they do (as you can see by them forgetting a bracket and dumping the entire spintax).

Advertisements