Scammers and spammers are using user-generated content sites to distribute links to malware and viruses. The malicious content is advertised as pirated software and games, in an attempt to lure users. The issue is plaguing many platforms but appears to be rather persistent on Facebook and Google groups.
Over the weekend, we uncovered a disturbing trend: scammers deploying DMCA notices to suppress game piracy sites.
It seems their aim was to boost the rankings of their own malware-laden pirate sites in search results.
While our initial focus was on the misuse of takedown notices, the problem runs much deeper. In addition to content removal, scammers are bombarding numerous platforms with messages containing links to their shady pirate sites.
We reached out to a source with extensive knowledge of this activity, who has been diligently tracking and reporting spam across various platforms including medium.com, change.org, wattpad.com, github.com, bitly.com, deviantart.com, zendesk.com, soundcloud.com, ghost.org, hashnode.com, and others.
Fortunately, many of these platforms responded promptly to our source’s reports, swiftly cleaning up the mess.
“The list goes on, but I’m heartened by the responsiveness of these services. Some have even implemented spam filters, and medium.com went the extra mile by sending a thank-you t-shirt,” our source shared, preferring anonymity.
Dealing with spam is like playing a never-ending game of whack-a-mole. While some platforms are proactive in tackling the issue, others are less responsive. Unfortunately, Facebook and Google fall into the latter category.
For months, scammers have been exploiting Facebook events as a platform to openly peddle their malware and trojan links, using multiple accounts to amplify their reach. Shockingly, some of these events have remained active for months on end, such as those hosted by the Fix Problem account.
With hundreds of events listed, ostensibly linking to pirated software, games, and other illicit content, these scammers are gaming the system to boost SEO and drive traffic to their associated sites. It’s a brazen tactic that highlights the challenges platforms face in combating such abuse.
The issue persists despite efforts to address it. Despite detailed reports to Facebook, little improvement has been seen. Many of the reported events remain online, and new ones continue to surface regularly.
A simple search for “Just Cause” Facebook events created within the past week reveals dozens of results, indicating the ongoing challenge of combating this type of spam on the platform.
Initially, the malicious Facebook posts directed users straight to the sites hosting the malware-laden content. However, in a shift more recently, scammers have turned to Google groups, possibly as these links are trickier to automatically detect.
Despite the promise of free software, games, or movies, those who click on these links end up downloading files infected with malware. The landing page may suggest otherwise, but the reality is far from it.
While Facebook events seem to be a preferred tool for spammers, Google groups are also heavily exploited. This problem was flagged to Google’s attention weeks ago, with a comprehensive post in the webmaster help forum.
Despite the report, many of the flagged groups have persisted online, with some still active at present. Moreover, new ones continue to surface, indicating an ongoing challenge.
Google has taken some steps to address the issue by flagging certain postings, albeit with warning messages instead of removing them entirely. Upon investigation, TorrentFreak found that many of the links provided in these spam posts led to suspicious malware files or worse. While spamming of this nature is not new, it’s clear that Google, Facebook, and others need to scrutinize their approaches to tackling it.
One individual has taken it upon themselves to combat these scammers, viewing it as a personal crusade. Given their own involvement in a pirate site, they have a vested interest in the matter. They believe that previous takedown actions against their own links were orchestrated by these scammers, a belief supported by detailed evidence shared with us.
This takedown saga has also stirred up tensions among legitimate pirate sites. Accusations have flown back and forth, resulting in the closure of one site and a flurry of additional drama. While it’s difficult to corroborate all claims and counterclaims, our source has directly tied these takedown efforts to the scamming activity observed on Google, Facebook, and other platforms.