This article contains information on how to Block “vitaly rules Google ☆*:.。.゚゚・*ヽ(^ᴗ^)丿*・゚゚.。.:*☆ ¯\_(ツ)_/¯(•ิ_•ิ)(ಠ益ಠ)(ಥ‿ಥ)(ʘ‿ʘ)ლ(ಠ_ಠლ)( ͡° ͜ʖ ͡°)ヽ(゚д゚)ノʕ•̫͡•ʔᶘ ᵒᴥᵒᶅ(=^. .^=)oo” referral traffic from your Google Analytics and your web server.
Users have increasingly begun to complain in Google support forums regarding referral spam attacks caused by hosts linking to the message “vitaly rules google” in Google Analytics. This referral traffic has been reported to quickly devaluate Google Analytics statistics, so blocking swiftly every related URL and on the server is strongly advisable. Furthermore, it is also recommended to take additional precautions in case you have visited web links spammed by “vitaly rules Google” bots. This is why we advise reading the following article and get familiar with how this spam is spread and how it can be blocked completely.
Vitaly Rules Google Referral Spam – How Does It Work?
The spam sending web links linking to “vitaly rules Google” domains has been reported to originate from two primary types of spam bots.
Type 1: Web Crawlers (Spiders)
Also known as spider spam, this is a type of software that aims to “crawl” the web for different websites pre-set based on specific criteria, for example, no captcha, easy registration and others. After this has been performed, the spam bot may drop spam links on the websites simultaneously. The benefits for the spam sender are that more websites can be spammed at the same time. The good part concerning you is that this type of spam can be blocked and backs away immediately after being flagged and blacklisted, meaning that is not as persistent as the second type.
Type 2: Ghost Referrer Spam
Also known as ghost referral, the name of this spam suggests that the spamming software related to it aims to crawl a website and stay on it for longer periods of time undetected. The nickname “ghost” comes from the fact that most spamming software of such type uses the free HTTP protocols to connect remotely to the targeted website and spam “from a distance” without even being directly connected and present on the site as a bot/user. This spam may quickly render the statistics on a website it attacks useless, making research from those statistics, practically impossible, changing popular posts and other information. It is so sophisticated that it can even target separate parts of the analytics information of a website.
More About the Vitaly Rules Google Domains
Whatever the case of Vitaly Rules Google may be, the referral spam is very sophisticated, and the spammers behind it may have used a sophisticated combination of a technique known as “Google dorking” to find a pre-set lists of websites based on specific criteria and embed them in the source code of their spamming software. This technique is basically filtering websites, based on specific items and includes usage of code-generated searches to find specific information on a site which is appears in Google. Here is an example of Google dorking commands below:
Some of those commands may look for websites with unsecured robots.txt files as well as several other criteria, like missing captchas and others. Furthermore, there are other features that Google Dorking possesses and can be inputted in the spam-bots to look for:
- Vulnerabilities and vulnerable files.
- Footholds that allow hackers to gain access to directories of unsecured web servers.
- Sites containing sensitive directories.(or secret ones)
- Vulnerable servers – servers with specific vulnerabilities which is most likely the type of dorking used by this ransomware.
- Error Messages.
- Network or vulnerability data.
- Different Online Devices.
- Web Server Information.
- Files that have usernames in them.(Only)
- Password files.(Only)
When we check the domains related to the spam, it immediately becomes evident that they are low-quality websites or phishing websites, like the following:
How to Block Vitaly Rules Google Referral Traffic
There are several consequences to keeping referral traffic related to Vitaly Rules Google domains and those are primarily related to:
- Devaluation of the website statistics.
- Over-flooding of the site comments and flagging the website in Google.
This is why we recommend you to not underestimate this spam and follow our instructions to block it from several different locations:
- Okom3pom
