First off all, i would like to inform, that i am not the author of this thread / text. I get this text today morning (Moscow mean time) by email from GPWA user Oliver155 who can't post thread here, at GPWA, by technical reason. Sorry for my English.
I ask the affiliate community to pay close attention to this message. At stake is the safety of each affiliate’s business. The threat is real and serious. Unfortunately, there is a high probability that at least 90% of affiliates, who receive SEO traffic will lose all of their incomes within the upcoming months or even weeks.
**THE BEGINNING OF THE PROBLEM**
The story began in the Russian-speaking segment of the internet (Russia & CIS countries) in December 2020. Within three weeks, the affiliate business of all the top affiliates was completely destroyed of all the top profitable keyword SERP’s (we are talking about iGaming; casino, sports betting, etc.) in the Russian-speaking segment in the Google search results.
Their websites lost their TOP positions in the search results. Their places were taken by the copies of their websites, but on someone else’s domains with someone else’s affiliate links.
**HOW DOES THE SCHEME WORK?**
No one knows 100% how the scheme is used by the attackers. But what we do know is that the attackers took advantage of Google search engine’s vulnerability, known as the “301 BUG”.
We are certain that for the past 3 months, thousands of Russian-speaking affiliates were not able to develop any protective measures.
Supposedly the scheme looks like following:
-Dropped domains with high indicators are being bought.
-A copy of the victim’s website is placed on the dropped domain.
-With the help of the ‘hreflang’ attribute, it indicates that the website is the original for the language it is created on, but for another GEO, and the website is the copy for that GEO, which the original was meant to be for.
-After some time, Google starts to consider the copy as the main website for Geo, and it appears in the search results.
-On the original website, the traffic stops completely.
**WHO IS BEHIND THIS SCHEME**
Investigation made by Russian-speaking affiliates found, that there is at least one group who is in charge of the scheme, physically located in UA. Currently, the specified scheme is a priority for this company, as BUG-301 allows to get traffic without affiliates, but by using their work. We know that there are 500 SEO Professionals and hackers who are working on the scheme, approximately divided into two independent companies.
We know that there are several other affiliate programs, that are also interested in the affiliate website hijacking scheme.
**ATTACK ON THE WESTERN SEGMENT OF THE INTERNET**
In March 2021, attacks using BUG-301 began on the Western markets. We already know of the losses of websites by webmasters in the TOPs of AU, NL, NO, SE, PL, and DK. New losses occur on a daily basis. We have some information, that this attack is only a test attack. An attack on the Western markets in full force is expected in the nearest future. In this thread, we will keep you informed on the new cases of websites losses by affiliates.
**WHAT SHOULD WE DO**
As our practice shows, there is no protection against the BUG-301 attack. This vulnerability can only be fixed by Google. Unfortunately, the Russian-speaking forum on Google support for the webmasters is not checked by Google employees.
**EXAMPLES OF THE COPIED WEB\\SITES**
avido.com.au - True Blue Casino
stoptheselloff.org.au - BettingPlanet.com
gamlinroofing.com.au - CasinoShortList.org
eatout-sydney.com.au - Free-pokies.net
bootsphotography.com.au - Aussie Play Casino
coughinggherkin.com.au - CasinoAus.com
redcabbagefoodandwine.com.au - Australia-casino.org
theta-healing.com.au - ThatCasinoBonus.com
casino208-live.club/resources - OnlineCasinoBlueBook.com
coolcat-australia995.club/bitcoin-casino/ - Cool Cat Casino
livespincasino-202.club/us/online-casinos/ - Gambling.com
How to check:
These sites redirect you if you try to visit them directly.
Use this order.