100.....,..

Notice your sales on May 2, 3, 4, 5th? Now watch what happens as of 6th.

If we all dont unite and do something the sky WILL fall

spyware doctor = best anti spyware program.

Nope, once infected with the stuff in this thread there is not much they can do except reinstall.

The best solution (besides taking these fuckheads down..thats in the works btw) is to make the surfers awear.

Bump.../

i lost about 80% of my sales mostly from payed spots from GTS :(

lol what? You bought GTS traffic and then suddenly your sales took a nosedive?

very good thread

I've been buying gallery spots from them for a long time not that i bought it now for the first time then the sales went down :) I am saying that sales are down 80% from those spots compared to a few weeks ago.

today bump

The truly big issue here is that the program owners aren't feeling any pain because sales continue for them, just different affiliates are getting credited for the sales. Something will happen when the spyware guys start massively redirecting traffic away from program join pages and onto other program's join pages. Then suddenly the "Bros club" will wake up and smell the shit they are standing in.

Until then, it sucks to be an affiliate.

this sounds like that we're experiencing on our paysite, have you heard about other owners who are having these direct issues? :Oh crap

Don't ask where I know this from but...

These guys are stealing ALOT OF FUCKING sales (more than you can imagine) and for some unknown reason their script do not, in many cases at least, change the refering URL when they replace your affiliate ID with their affiliate ID when your surfer clicks his way to the sponsor..

So... these guys accounts has alot of sales with your domains (your galleries) as the refering URL..

So... the program owners who looks at their data on a regular basis is fully aware of this problem .. and knows it's HUGE

I'm not sure how many surfers who's infected with this CODEC trojan, but I think it's MANY .. the way it's installed is genious... "You need this codec to watch this movie" .. I almost clicked the fucking download the first time I saw it... and I'm just average stupid ;)

I'm afraid we're talking 1000s of stolen sales a day..

99% of programs are seeing this. Rather than face the facts and attack the issue at hand they are busy changing billers, hosting and tweaking tours.

They/we will all get how serious this is soon.....I hope

i would like to talk with you, can i have your icq/email?

Since most programs depend on affiliates and don't have loads of inhouse traffic, they'll be fucked...as soon as really big affiliates look for other programs because ratios go shit.

It's only a matter of time and owners still have the choice if they'll be losers or winners in this ugly game.

Yes, but it takes time - most people aren't going to go back and pull up long embedded links, they aren't going to kill off older galleries... so there is plenty of traffic that just doesn't go away. The program owners will feel it though if they lose major listings because they don't convert.

What's your email? I will hit you up asap

Bump, For the program owners to read

This is only the tip of things but it is a good example of how traffic is being diverted from many places.

The following comes from 1 click on an infected machine. Everything in the quote all took place in about a second.
Notice that after clicking an ad on the Google results, it takes the user through the Google ad to the intended advertiser. It is then redirected so fast that most people won't even realize they even went to the intended site.

So, the advertisers on Google(and the other engines) are getting hit by a PPC charge, for traffic that really doesn't even make it to their site, but for a millisecond.

The traffic that is redirected is sent to various smaller PPC engines, through multiple redirects. The user finally lands at a, non-affiliated, top paying advertiser for these various PPC engines and the terms used. In this case the term was 'tomato seeds'.

this is happening for all keywords and all niches, mainstream and adult.


In this redirect it appears they are using abcsearch.com.
They use spoofed referrers such as indaxis.info/search.php?q=term-used and many other similarly styled refs.

Sickening.

Looks like many chinese sweatshop clickers will have to look for a new job...

Imagine the sums we are talking about with hundreds of thousands of infections daily...this isn't a few script kiddies making some money, it's organized crime at a high level.

hit me up: 3lettercom AT gmail DOT com

thanks!

this thread needs a bump

Does anyone really care?


Is anyone doing anything to stop this?


What can I do?

early morning bump

bump..............

The problem is that all affiliates can do it trying to educate surfers, make them aware that this spyware can be used for identity theft, theft of personal data, etc...although a guy with his cock in his hand is rather hard to educate.

The only really effective way of getting rid of these parasites is shutting down their affiliate accounts on sight. It's up to the program owners to watch for new affiliates suddenly generating huge sales volumes, especially if these affiliates aren't from the US, canada or western europe.

greedy bastards

bump...............

Theres got to be a way to prevent ref code swapping and it has to be done on the sponsor end. I don't have have a clue how all that shit works but i find it hard to believe that there is no way to encode ids to stop this.

NTSS: There are some ways that this could be addressed, but most programs aren't into it because (a) it would require time, effort, and programming, and (b) they are still making sales, just different affiliates are getting creditted.

Until the programs themselves start to feel true pain, there will be nothing done.

This is news? This has been going on for awhile, and it's not just the online adult industry that's affected.

I think a possible way to stop affiliate code replacements would be for all affiliates to be allowed to make domain aliases for the sites they're promoting...

Example :

You are an affiliate promoting cumfiesta.com .. when you link to the site like this cumfiesta.com?affid=mrcool then these thieves script see that the infected computer is loading the cumfiesta.com domain and then maked the replacement of the affid...

The affiliate could then reg his own domain for this site.. like cumfiestatour.com (nastydollar then need to add this as an alias to cumfiesta.com) then the trojan script can't recognize the domain and can't make any affid replacement..

it's not news. But like any annoyance, nobody really talks about it until it becomes a real major issue. At this point, affiliates on many programs are seeing major sales swings, and now it would appear that CCBill may have been targetted, at least for some sites using them for sales and stats. It is finally news because the affiliates are feeling the pain.

My own experience shows conversions getting worse and worse, yet most program owners not saying a peep or discussing problems, so I have to assume they aren't seeing the same issues their affiliates are seeing.

So yeah, it's news, only because the minor cut has turned into a ruptured artery, and the lifeblood of the industry is slowly dripping out.

Might work on some, but most will just grab the sale as it hits the processor. If you move signups to the same domain you are gonna need SSL certificates for each alias. Besides, they'll catch on after a while and start adding the domains to the redirect database.

The thing is that the program owners can't be so aggressive in this issue or they risk getting their traffic redirected insted of just sent to an malware affiliate, my bet is many of them are aware of the malware affiliates and some probably shave them pretty hard. It's pretty easy to track what affiliates get malware sales.

When this become as big a problem for mainstream as it is for adult, then we will see improvements, not until then. I'm afraid that the only solution in the end is that microsoft fixes the rootkit problem and puts a really good anti-malware program in windows update.

I will just say that I have reported all threads and issues such as this and they are taken seriously. I will continue to do so.

there we go finally some real info in this thread. these spyware guys are straight up stealing adult traffic and sending it to mainstream PPC buyers.

quickdraw hit me up on icq please:

4162727

That's not the only place its going.

We have been deep into this shit since this thread was started and we are finding some things that when made public, it will rock the industry and not only will it shut down one of the biggest companies in the biz, it will also make the owners run and never look back.

You mean shut down, change their name and come back like nothing happened like megapornbucks? :disgust

Done . .

bump..................

too long for me to read, but I'll bump it

there needs to be an organization of webmasters to document what is going on and draft an email that everyone can send to M$ along with making surfers aware that they are infected who knows what else they are stealing besides traffic.

Not only that.. there need to be an adult webmasters organization to cover our asses in everything that's hurting adult bizz.. Something that actively tracked down spyware installers, website hackers, password traders, shaving programs etc. and worked to shut them down..

Problem today is that with no organization we are just easy targets waiting for the next bad thing to happend :Oh crap

What might actually make things happen is if we could show Microsoft, Yahoo and google how much money they are loosing on ad traffic due to malware. But that means the affiliate progams needs to step up and track how much of the traffic is lost.

Most program owners think this is just bullshit and are blaming the economy and the card processors.

ATTENTION PROGRAM OWNERS

Do yourselves a favor and please give me the benefit of the dought. See how nice sales were yesterday and how shitty they are today? Now, go look deep into your stats and compare yesterdays join page (YOUR JOIN PAGE) to processor page. You will see that your surfers never leave YOUR join page nor do they make it to the processor. Ain't that a kick in the ass?

BUMP - this is some scary shit :mad:

this thread needs to be bumped

another bump