Near as I can tell, pretty well every somewhat-visible website in the world is seeing its logfiles fill up with with bogus page fetches there only as a vehicle for a spammish “referrer” field; whether or not the site posts referrer data. This high-volume flood is a fairly recent phenomenon, and what makes it weird is that the vast majority of the bogus referrer sites are off the air due to some terms-of-service violation. It would appear that a sleazebag somewhere launched a really ambitious assault on the whole world—using, I can only assume, a few zillion zombified drone machines—only to be found out and have their hosting yanked while their mindless slaves continue to spew vacuous venom into logfiles everywhere. Damn, the Internet is a weird place. [Update: This was a big one, and lots of people studied it.] [Update: I think I may have spoken with the perp.]

John Sinteur traces the bad buy back to a single IP address. Arve Bersvendsen offers more research. And Anne Elisabeth discovers that those off-the-air sites aren’t staying that way.

For a while this morning, it seemed to have stopped. But as of 11:30 AM Pacific time, they’re back. This is big and involves a lot of domain names and a well-known IP address; wouldn’t be nice if some capable law-enforcement organization found whoever it is that’s doing it and THREW THEIR ASS IN JAIL?

So I did a whois on one of the domain names that shows up, and there’s a listing there, with people’s names and phone numbers, in New York. I called the 212- phone number and a woman’s voice said “Hello?” It dawned on me that the phone number could be another forgery, so I just said “wrong number” and hung up. Jeepers.

author · Dad · software · colophon · rights
picture of the day
January 16, 2005
· Technology (77 fragments)
· · Publishing (154 more)

By .

I am an employee
of, but
the opinions expressed here
are my own, and no other party
necessarily agrees with them.

A full disclosure of my
professional interests is
on the author page.