http://abosense.com/ [Japanese] [English]
There is people in the world that do AboSense* attack to unwanted web sites. This document describes in detail how do they do this, as well as provides a safe and effective measure of defense.
* AboSense means that an AdSense account is deleted by Google.
Do not carry out the procedures below, otherwise you become a dog like them. This document is just for technical information to fulfill your academic curiosities and to protect yourself. Any abuse of the information will not be tolerated.
Similar book in concept: Hacking Exposed: Network Security Secrets & Solutions, Fourth Edition.
AboSense attackers have no special technique. It takes only several tens of seconds.
It's okay like this. If one continues the attack for a while, the AdSense account for target site will be deleted. Their modus operandi is this simple! But I wish you never do.
The site administrator may detect a mass clicking and temporarily remove advertising from his site. The following is the explanation how to get the linked URL in local.
The attackers open the source of the page in the beginning. Find a description as follows, copy it whole and save as a local file (Extension: .html).
<script type="text/javascript"><!-- google_ad_client = "pub-0000000000000000"; google_ad_width = 125; google_ad_height = 125; google_ad_format = "125x125_as"; google_ad_type = "text"; google_ad_channel =""; google_color_border = "FFFFFF"; google_color_bg = "FFFFFF"; google_color_link = "0000FF"; google_color_url = "008000"; google_color_text = "000000"; //--></script> <script type="text/javascript" src="http://pagead2.googlesyndication.com/pagead/show_ads.js"> </script>
Just opening this file will not make ads appear. It is required to display ads that the code is placed on approved domains.
So they run the Web server on local.
Open c:\winnt\system32\drivers\etc\hosts (for Windows 2000) or c:\windows\system32\drivers\etc\hosts (for Windows XP) using an editor such as Notepad, and then append the following line:
127.0.0.1 Domain name of target site
Place the HTML file which contains said codes in the document root of HTTPD and make sure that it can be accessed by the domain name of the target site. If ad is displayed, this procedure is successful. It remains no more than copying the linked URL and firing the Tashirian Cannon... Their slightly advanced way is like this. Please, pretty please, do not try it.
On a mild weekend day, the site administrator will find Account Not Active while trying to login to AdSense, then he will check the email in alarm and get a robotistic message as below:
Hello John Paul, It has come to our attention that invalid clicks have been generated on the ads on your web pages. We have therefore disabled your Google AdSense account. Please understand that this step was taken in an effort to protect the interest of the AdWords advertisers. A publisher's site may not have invalid clicks on any ad(s), including but not limited to clicks generated by a publisher on his own web pages, clicks generated through the use of robots, automated clicking tools, or any other deceptive software. Practices such as these are in violation of the Google AdSense Terms and Conditions and program polices, which can be viewed at: https://www.google.com/adsense/localized-terms?hl=en_US https://www.google.com/adsense/policies?hl=en_US Publishers disabled for invalid click activity are not allowed further participation in AdSense and do not receive any further payment. The earnings on your account will be properly returned to the affected advertisers. Sincerely, The Google AdSense Team
Finally we have again defeated one of those who seek to make easy money by ads. We made it!(*^-')b ...The attackers would laugh up their sleeve in dim rooms. Since such acts constitute interference against the site management, again and again I wish you never do it.
Until an appropriate countermeasure is devised by Google, removing AdSense ads is the most fail-safe way to protect. Since it is not expected that a listed company which is socially responsible leaves the issue alone without taking countermeasures, I believe that an improvement will occur some day. Until then, it might be a good idea to reduce the risk of account loss.
under construction...
This site provides the information on AboSense and is written by a site administrator which had suffered AboSense due to Tashirian Cannon attack. I consider that the issue, that this simple way makes another's account be deleted, is a fatal flaw of current AdSense. I am hoping that this fact is spread around to make Google bestir itself to initiate improvements. When the time comes, I would like Google to open the way for rejoining of innocent victims which took AboSense.
If you want to contact me, please email to info[ at ]abosense[ dot ]com.
END OF DOCUMENT.