A number of website URLs linking to Semalt Media’s website have been reported to be associated with numerous referral spam messages sent out all across the globe on various websites. The spam affects predominantly websites which do not have adequate spam protection and which are not monitored to often. All users, as well as website publishers, should be aware that this spam can quickly devaluate Google Analytics data of a site and infect the ones who open the spammed web links with malware and unwanted programs as well as involve them in various scams.
Threat Summary
| Name | Semalt |
| Type | Referral Spam. |
| Short Description | Software which spams different URLs to boost traffic to them and to quickly devaulate the statistics on targeted sites.. |
| Symptoms | Spams contain several specific spammed URLs which redirect to third-party sites. The default domains of those URLs redirect to Semalt’s web page. |
| Distribution Method | Web Crawlers and Ghost Referrals |
| Detection Tool |
See If Your System Has Been Affected by malware
Download
Malware Removal Tool
|
| User Experience | Join our forum to Discuss Semalt Spam Campaings. |
How Do Semalt Spam Links Distribute
Since the spammers behind Semalt have used a massive spam campaign, according to Incapsula researchers, the spammers may have used two types of spamming software:
Web Crawlers or Spiders
This type of spamming software “crawls” though different pages to collect information about how often are the sites of those pages modified by administrators and other criteria. After it has gathered enough data, it may initiate a massive spam campaign on certain URLs, previously assigned to it from a specific “hitlist”. And what is worse is that reports by Incapsula indicate that when official Google bots crawl to scan for web links they begin to index the referral spammed web links and therefore boost the SEO of the spammed web site, in this case, Semalt.
Ghost Referral Spam
Even though it has not been officially confirmed, Semalt Referral Spam may also be redistributed via ghost referrals. Such spam is more sophisticated and more targeted than massive. It takes advantage of the free HTTP protocol to connect remotely to the website and spam while not even being on the website itself. It is extremely effective and is very hard to be removed.
Both off those spam methods can be utilized via very expensive spam campaigns, and they are something you DO NOT want to have on your website. Besides regular checks for spam, they should be permanently blocked on your web server because they have the potential to quickly devaluate the data of Google Analytics websites. And the damage done by such spammed URLs may even be more. For example, Ghost Referrals can target specific aspects of Google Analytics data to devaluate. And not only this, but it may also lead to malicious web pages that may infect the users of the website with malware, and make them never come back to your site again.
More Information About the Semalt Referral Spam
As soon as the spam is initiated, it may be in messages that contain web links which originate from the following domains:
- https://semalt.semalt(.)com
- HTTP:// keywords-monitoring-your-success.com
- HTTP:// free-video-tool.com
Also, researchers have identified that the following IP addresses were belonging to spam bots spreading web links redirecting to Semalt’s main web page:
- 186.214.178.98
- 24.218.171.58
- 79.49.195.113
- 187.112.50.169
In addition to that, the spammers are reported to use a very dangerous software, called QtWebKit, which allows them to perform different activities, like executing different JavaScript. Also, further reports indicate that these spam bots may be doing the spamming from infected machines and hence be spread via different malware, like botnet malware, for example. Malware researchers report that Semalt may have used the Soundfrost botnet which might have allowed them to infect hundreds of thousands of computers all over the world, primarily in South America.
More Information on Semalt
The website itself appears to be a website that offers a variety of services to users as well as websites:
Besides the products it offers, Semalt’s website also pretends to offer to analyze a website’s potential for free by scanning for keywords and other statistics:
However, the website wants money from users to show the report for its analysis. It offers various SEO tools and even to create websites for its clients.
Stop Semalt Referral Spam from Your Computer
Since referral spam associated with Semalt may link to many third-party websites, trying to boost their traffic by using spamming methods, users can never be too sure what type of websites the web links will lead them to. Not only this, but such spam is mainly a menace for website publishers since it devaluates their analytics data quickly and makes research based on it impossible. This is why we advise you to use some of the following instructions and hopefully block this spam and protect yourself in the future as a user.
There is a method outlined by security researchers online that uses WordPress plugins to block referrer spams from sites. There are many plugins that help deal with referrer spam, simply do a google search. We have currently seen one particular plugin reported to work, called WP-Ban, but bear in mind that you may find an equally good or better. WP-Ban has the ability to block users based on their IP address and other information such as the URL, for example.
Also, in case you feel like you may have clicked and been redirected to one of the domains mentioned in the spam message, and you believe your system may be compromised, you should scan your computer with a particular anti-malware tool. Downloading such software will also make sure your computer is safe against any future intrusions as well.
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter
Ventsislav Krastev
Ventsislav is a cybersecurity expert at SensorsTechForum since 2015. He has been researching, covering, helping victims with the latest malware infections plus testing and reviewing software and the newest tech developments. Having graduated Marketing as well, Ventsislav also has passion for learning new shifts and innovations in cybersecurity that become game changers. After studying Value Chain Management, Network Administration and Computer Administration of System Applications, he found his true calling within the cybersecrurity industry and is a strong believer in the education of every user towards online safety and security.
Follow Me:
