Sucuri : 200,000 expired parked domains distribute malicious ads

Directnic
The WorldWideWeb is 20 years old today.

Sucuri: Parked domains serving malicious ads.

A recent article by security experts, Sucuri, unveils the practices of a Hong Kong formed corporation, China Capital Investment Limited, and its portfolio of almost 200,000 parked domains.

According to an extensive article by Sucuri, these domains have been specifically selected for their existing backlinks.

Instead of simply showing a typical parking page, these domains serve their own ads, when content from the previously live web site is requested.

For example, suppose you run a blog, displaying an image that existed on a domain that expired.

Domains under management by China Capital Investment Limited will display their own ads, and often inject its own javascript code to redirect the request.

“Now we see what’s going on. This domain parking service identifies requests to image files made from within web pages (based on headers) and returns image ads to such requests. It is clear why they do it.”

The Sucuri article names Latonas.com as a venue where these domains are often sold:

As far as I can tell, China Capital Investment Limited uses the following business model:

  1. They constantly analyze expired domain names and register those with many live backlinks for one year.
  2. “Park” the domains (point them to the same server that shows ads for any requests regardless of the domain) and hope that people will click on those active links so that they can make money on ads.
  3. In addition to clicks on the links, they hope to monetize the ads that they inject instead of expired hotlinked images.
  4. Finally, they offer their domains for sale on Latona’s Domain Marketplace. For example, here are the typical prices for domains they sell (as of June 23d, 2016):
    1. twomediaxthemes .com – $349
    2. wesupportkristen .com – $252
    3. highaltitudecreative .com -$252
  5. After a year, if a domain is not sold but helped generate more money than the renewal price, it gets renewed, otherwise it is dropped.

For the full article at Sucuri, click here.


Facebooktwittergoogle_plusredditpinterestlinkedinmail
Copyright © 2017 DomainGang.com · All Rights Reserved.

Comments

2 Responses to “Sucuri : 200,000 expired parked domains distribute malicious ads”
  1. iDude says:

    Just now figuring this out? It has been going on for years from many countries and most don’t wait for an expired domain name. They copy content, translate it, put their ads on it.
    It is well documented here for many years. We got tired of it and block entire countries that are prone to bad actors and no enforcement.

  2. DomainGang says:

    iDude – This is different, it uses the existing backlinks to dropped domains to serve ads, without producing 404 errors.

Leave a Reply

Your email address will not be published. Required fields are marked *

 characters available