A month ago we noted that Google’s AdSense program was handling the advertising for a number of websites serving “nulled” web software, which is paid web software being distributed illegal, with at least one of those serving up malicious code with the “nulled” web software. We reported a number of the websites to Google as they are violating policies of the AdSense program, but they are still running ads served by Google.
Part of how we became aware of that was that advertising we were running through Google’s AdWords program was being shown on some of those websites. Today we noticed that our advertising has recently been running on an even more troubling website, leakeddata.me.
The title of the website is “Leaked Data | Exploited and Leaked Information | (UPDATED Daily)” and the subtitle is “| Hack Credit Card | Visa | MasterCard | SSN | Amazon | Email Address | MYSQL Database | IP Address | ( HACKED | LEAKED | EXPLOITED )”. The homepage of the website currently shows the details of seven purported leaked credit cards, with the data shown including the credit card number, CVV number, name of credit card holder, and their address.
The top of the homepage of the website has multiple blocks of Google served advertising (bordered in blue):
When we went to see where the website was being hosted we were surprised to find it was Google. The IP address the website is hosted from is 22.214.171.124, for which the host name is any-in-2415.1e100.net. As Google explains “1e100.net is a Google-owned domain name used to identify the servers in our network.”. At that point we noticed that the website is being hosted through Google’s Blogger service.
It would seem that neither the Blogger nor AdSense service do any sort of proactive monitoring looking for credit card info being show on pages using the services, which seems to be something they could be doing.
It looks like the website has been showing leaked info since December of 2014.
We wanted to report this to the Blogger service, but they don’t have an option if you want to report someone else’s private information is being posted, only your own.