On an average day I come across 4 new child pornography sites that are hosted at Yahoo. Shocking? It was to me when it started, but it’s been going on for a long time. Finally, at the end of June 2006 I started keeping track of them in detail. Between July 1 and December 31, 2006 I counted 744 such sites hosted at Yahoo and the flood is continuing to this day. To give you a taste, here is one I received on 2006-01-14:
Feel new emotions, taste new experience,
a very HARD and HOT YEAAAAHH!!!
5-10y.o. kids starring as porn models.
Innocent, virgin, naive and so sexy.
Download your free CP pics and movie samples.
As you may know, a few years ago I started publishing names of domains (websites) that were advertised via spam. For more than two years I have been one of the principal data suppliers for SURBL.org. It’s a Spam URL Blocklist that enables people to block spam based on the websites advertised. This type of spam blocking works even when spam advertising a spammer’s site is sent from a thousand different computers using a thousand different fake sender addresses.
About a decade ago, when the World Wide Web was just taking off there were a lot of headlines about child pornographers lurking in Cyberspace, but very little such material could actually be found. Nowadays most people have the perception that child pornography is tackled seriously by law enforcement, but in actual fact the criminals who sell pictures of child rape go about it more blatantly than ever. It is sickening.
Now how could a major reputable company such as Yahoo host repulsive, clearly-illegal material? They provide a legitimate service to register and host websites, like many other companies do. They are neither the cheapest nor the best webhoster, but a lot of people use them for personal websites.
All it takes is access to the Internet and a credit card.
The criminals use Yahoo for hosting illegal sites ranging from fake bank sites (phishing) to child pornography sites. They are not easy to track down since they use other people’s credit card data to register domains and sign up for site hosting. Then they upload websites and send out spam to advertise these sites. From amongst the millions of spam recipients, several thousand people will respond and sign up for more of this stuff, presumably hosted on others servers that are not closed down so quickly. They pay by credit card, handing their card data to the criminals. Repeat ad nauseam.
Once the illegal sites are reported to Yahoo, they will eventually shut them down, but by then the criminals have already had time to find new paying customers. The earlier the sites are detected and suspended, the less money the criminals make.
The credit card data abused for site hosting does not necessarily originate from child pornography customers. Phishing scams and fake internet stores are other data sources. There is reason to believe in connections between phishing gangs and child pornography gangs, as there are many common elements. Both extensively use Yahoo domains. Along with pill spammers and “warez” (software piracy) spammers they obtain credit card data in bulk and use armies of spambots to send out spam emails. These are remote controlled PCs infected with “Trojan horse” software that turn them into zombies that receive instructions from one of several hidden master servers on the Internet.
Yahoo is by no means the only company that ends up hosting illegal content. However, it is the biggest single webhosting company that we’ve come across that is hosting child pornography. No other company even comes close. There has got to be a reason for that.
The situation with phishing scams using newly registered domains is similar. Phishing sites tend to be hosted either on cracked websites, hijacked computers, computers in China or by Yahoo. There has to be a reason for why criminal spammers prefer Yahoo, even though it’s by no means the largest webhosting company.
Typically when a provider is massively abused for hosting illegal content, as for example MSN was for hosting Nigerian scam sites (419 scams), it means that either its credit card fraud detection mechanisms are inadequate or it’s technical support is not geared up to effectively handle fraud reports about hosted sites submitted by the public. Usually it’s a combination of both.
The spam gangs that host sites at Yahoo know that their sites will be shut down eventually. That’s why they launch four new sites per day and keep the mail pipeline stuffed with new spam. Every extra day that it takes a webhoster to respond is a day during which they get new credit card orders, at $99.95 a client. Some of that money finds its way to the rapists who provide the pictures.
For the last 6 months I have been reporting all Yahoo child pornography sites to the company. Trying to get a more direct connection, I contacted a friend in the USA with law enforcement contacts. My friend went as far as talking to the FBI, only to be told that the FBI wasn’t interested in this type of site. They were only after the main sites that the Yahoo sites act as a shop window for. The number of new sites is still the same as it was six months ago. Yahoo appears to have done nothing to discourage this abuse of their services.
I would be glad to hear from Yahoo directly to work out a modality to get those spam sites shut down as quickly as possible. Even more I wish for Yahoo to get its act together and tighten up its checks on new domain setups, so as to detect attempts to signup for illegal purposes by watching out for recurring patterns in the signup attempts. If I as the owner of a small software company can detect all those pornography domains to report then, why not a billion dollar company like Yahoo?