WordFence expose BHW Link Seller

MaxTucker · Dec 20, 2017

I found this on twitter and just saw they called out bhw member @Serpable

https://www.wordfence.com/blog/2017/12/backdoor-captcha-plugin/

Very interesting technique, looking into serpable for further reading though I found things that are very alarming!!!!

this user sells 3 products on this forum which could be this user selling hacked links on BHW!!!

this is shocking

https://www.blackhatworld.com/seo/stop-overpaying-professional-pbn-posts-with-huge-authority-1-tf15-full-monthly-seo-solutions.928684/

https://www.blackhatworld.com/seo/rankable-hits-bhw-links-that-work-high-quality-links-hand-built.822717/

https://www.blackhatworld.com/seo/shhhhh-its-a-secret-gemetic-no-one-else-has-these-links.855723/

moonshine7000 · Dec 20, 2017

That is some serious charges and possible lawsuits

Jack Heron · Dec 20, 2017

Most people that read that article, will think 'BlackHatWorld' is some underground dark net site, instead of right out in the open and entirely transparent.

Sherb · Dec 20, 2017

In on 1st page.

spectrejoe · Dec 20, 2017

I know you aren't supposed to compliment these things but that's a genius move not gonna lie. Still an asshat since it's illegal & should definitely face consequences.

Toz · Dec 20, 2017

That's some bad publicity for BHW. Not only that, but those links... Ouch.

Zwielicht · Dec 20, 2017

I'll read the article once I get back on my desktop later, but if that user is selling hacked links, their service should removed as it violates rule 3.8 in the forum's terms of service.

3.8 Advertising any illegal service or the sale of any items the sale of which is prohibited or restricted by any applicable law, including without limitation items the sale of which is prohibited by U.S law.

Jack Heron said:
Most people that read that article, will think 'BlackHatWorld' is some underground dark net site, instead of right out in the open and entirely transparent.

A lot of people already think that. There was even a thread a while back where we were all sharing the ridiculous articles that have been written by people who know nothing about Black Hat World over the years.

Asif A Khan LONDON · Dec 20, 2017

The guy they mention Mason Soiza, has been banned from BHW previously

https://www.wordfence.com/blog/2017/09/man-behind-plugin-spam-mason-soiza/

https://www.blackhatworld.com/seo/high-pr-links-dead.692703/

spectrejoe · Dec 20, 2017

Zwielicht said:
I'll read the article once I get back on my desktop later, but if that user is selling hacked links, their service should removed as it violates rule 3.8 in the forum's terms of service.

A lot of people already think that. There was even a thread a while back where we were all sharing the ridiculous articles that have been written by people know nothing about Black Hat World over the years.

The name itself BlackHatWorld doesn't actually give us a trusting vibe right away tbh.

People just love to judge books by their covers

umerjutt00 · Dec 20, 2017

That was a genius idea to be honest.

ThatSEO · Dec 20, 2017

spectrejoe said:
The name itself BlackHatWorld doesn't actually give us a trusting vibe right away tbh.

People just love to judge books by their covers

People (and banned members) think that blackhat is making money from breaking the law / it isn’t, it’s pushing boundaries and breaking terms and conditions.

Asif A Khan LONDON · Dec 29, 2017

https://www.blackhatworld.com/seo/evidences-to-prove-paypal-i-was-given-hacked-links.982796/
@OnniChan Charles Floate is pretending to be the good guy:
https://charlesfloate.co.uk/backdoored-plugins

Hey guys,

Unfortunately this is going to be a fairly sad ending to 2017..

I have spent the past few weeks investigating this and when WordFence finally released even more conclusive evidence, I decided to work with Dan (Who wrote the original post) and release the full evidence I had accumulated.

Unfortunately it seems several members of our SEO Community have been exploiting their relationships with people here to backdoor their sites..

They've also done this on the wider arisen of buying old plugins and updating them with backdoors too.

It goes far beyond the traditional sense of just inserting links though, whether they had the technical knowledge to know this or not.

Thanks
- Charles

Unit 1, Stag Industrial Estate
Oxford Street
Bilston West Midlands WV14 7HZ
UNITED KINGDOM

To unsubscribe or change subscriber options visit:

davids355 · Dec 29, 2017

Interested to see how this unfolds.

Panther28 · Dec 29, 2017

i had this plugin on a few sites, and then i remember about 3-4 months ago one of my websites fucked up because of it, and i had to manually delete it from ftp login,
i removed it from my other sites, just in case, but this connects with the time that the users sales threads disappeared from bhw.

ThatSEO · Dec 29, 2017

Asif WILSON Khan said:
https://www.blackhatworld.com/seo/evidences-to-prove-paypal-i-was-given-hacked-links.982796/
@OnniChan Charles Floate is pretending to be the good guy:
https://charlesfloate.co.uk/backdoored-plugins

Bet he’s shitting it considering of his past....

MisterF · Dec 29, 2017

Asif WILSON Khan said:
https://www.blackhatworld.com/seo/evidences-to-prove-paypal-i-was-given-hacked-links.982796/
@OnniChan Charles Floate is pretending to be the good guy:
https://charlesfloate.co.uk/backdoored-plugins

Just read that, I notice he even spoke to a lawyer before making his post ha ha ha

s4nt0s · Dec 30, 2017

Just went through all my sites to make sure I didn't have any of their plugins.

That's some pretty shady stuff ...

Alfon · Dec 30, 2017

That's just pure blackhat he shouldn't be banned for this IMO

valentinesmith · Jan 2, 2018

Anyone know how Charles would have identified what he calls the 'Google footprints' for these cloaked links pls?

MaxTucker · Jan 2, 2018

valentinesmith said:
Anyone know how Charles would have identified what he calls the 'Google footprints' for these cloaked links pls?

I've read his post, I am guessing he is reffering to the fact the hackers cloak the links so that none-search bots can't see it.

you could do this by changing your browser user-agent, and searching for the line of text the hackers include in their victims website.

look at the screenie he included

You could search by "head over to mypetneedsthat for the latest aquatic products"

I imagine if they are doing this manually not much of a footprint would be left!!!!

WordFence expose BHW Link Seller

BANNED

Elite Member

Newbie

Ban reason = Abuse of Mods

Jr. VIP

Jr. VIP

Legendary Administrator

Elite Member

Jr. VIP

Elite Member

Jr. VIP

Elite Member

Super Moderator

Jr. Executive VIP

Jr. VIP

Repeat Selling Out MP - Doxxing - Harass Comps.

Jr. VIP

Regular Member

Newbie

BANNED

Main Menu

Marketplace

Making Money

BlackHatWorld

Other