EFF Analyzes Hijacking of Search Traffic

LOS ANGELES — Adult website owners that were quick to blame Google’s “Panda” update for a substantial decline in organic search traffic may have another culprit to cite.

The Electronic Frontier Foundation (EFF) has issued a technical analysis of recent reports that U.S. search traffic is being surreptitiously redirected in an effort to monetize users’ searches.

“Earlier this year, two research papers reported the observation of strange phenomena in the Domain Name System (DNS) at several U.S. ISPs,” states the EFF analysis. “On these ISPs’ networks, some or all traffic to major search engines, including Bing, Yahoo! and (sometimes) Google, is being directed to mysterious third party proxies.”

This knowledge base was expanded by yesterday’s report in New Scientist, which illustrates how website traffic is being clandestinely rerouted by a company called Paxfire — a phenomenon which the EFF post explains in greater detail.

According to the EFF, there are a dozen or so major users of the Paxfire system, including Cavalier, Cogent, Frontier, Fuse, DirecPC, RCN, and Wide Open West, with Charter having previously used Paxfire (a practice which it has apparently discontinued), that “deliberately and with no visible indication route thousands of users’ entire web search traffic via Paxfire’s web proxies.”

“ICSI Networking’s investigation has revealed that Paxfire’s HTTP proxies selectively siphon search requests out of the proxied traffic flows and redirect them through one or more affiliate marketing programs, presumably resulting in commission payments to Paxfire and the ISPs involved,” states the EFF. “The affiliate programs involved include Commission Junction, the Google Affiliate Network, LinkShare, and Ask.com.”

The issue isn’t just about traffic, but about trust.

“Users generally assume that the site’s name is identical to the site itself and essentially trust the site’s authenticity if it looks as usual and the browser does not pop up phishing warnings or other signs of trouble,” EFF adds. “Paxfire’s misdirection of search traffic undermines this trust.”

Paxfire rewrites DNS errors, sending surfers to its own search pages laden with advertisements, sharing the ad-related revenues with the ISPs. It can also easily avoid the “error” requirement, sending all search traffic to a small number of proxies.

“This allows Paxfire and/or the ISPs to directly monitor all searches made by the ISPs’ customers and build up corresponding profiles, a process on which Paxfire holds a patent,” EFF states. “It also puts Paxfire in a position to modify the underlying traffic if it decides to.”

The analysis team has currently identified 170 keywords triggering redirections to affiliate programs and “search assistance” pages.

“When the user initiates searches for specific keywords from the browser’s URL bar or search bar, the proxy no longer relays the query to the intended search engine, but instead redirects the browser’s request through affiliate networks, as the equivalent of a click on advertisements,” EFF states, adding that this DNS-based redirection “operates in a surgical fashion, affecting only search engines but not other services such as Google Maps or Yahoo! Mail, and remains completely invisible to the user.”

Google has stepped in, however, pressuring the ISPs to not include it in all of this.

“As of August 2011,” the EFF analysis concludes, “all major ISPs involved have stopped proxying Google, but they still proxy Yahoo! and Bing.”

If you’ve been watching your website’s organic search volume at Google and seeing it improve lately, this may be part of the reason why.

Related:  

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

FSC Publishes Analysis of Federal Trade Commission Event Promoting AV

Free Speech Coalition (FSC) has published an analysis of a Federal Trade Commission (FTC) event held this week that promoted age verification among other forms of speech regulation.

GirlsDoPorn Owner Michael Pratt Pleads Guilty to Sex Trafficking

Michael Pratt, former owner of the rogue website GirlsDoPorn, pleaded guilty in the U.S. District Court for the Southern District of California on Thursday to sex trafficking and conspiracy to commit sex trafficking charges, according to a report by City News Service.

Master Nico Relaunches Site Through YourPaysitePartner

Master Nico has relaunched his official website through YourPaysitePartner (YPP).

Federal Judge Grants Partial Halt of Florida AV Law

The United States District Court for the Northern District of Florida, Tallahassee Division, has granted a preliminary injunction against HB 3, the state's age verification law, as a lawsuit filed by two online trade associations challenging the law makes its way through the courts.

Aylo Releases Statement on Suspending Access to Pornhub in France

Technology and media company Aylo, which operates adult sites including Pornhub, YouPorn, and Redtube, has released a public statement regarding its decision to block access to its sites in France.

Pineapple Support to Host Wellness Sessions at Bucharest Summit

Pineapple Support is hosting free group and one-on-one therapy sessions at Bucharest Summit, June 3-5.

Pornhub Blocks Access in France in Response to SREN Law

Pornhub parent company Aylo has opted to block access to its sites in France rather than comply with age verification requirements under the country’s Security and Regulation of the Digital Space (SREN) law.

ASACP Highlights Study on Parental Controls

The Association of Sites Advocating Child Protection (ASACP) is highlighting the results of a study on the underutilization of parental controls.

Sydney Screams Launches New Site Through Grooby's Blue.xxx

Sydney Screams has launched her new membership site, SydneyScreams.xxx, through Grooby's website management company Blue.xxx.

Mistress Mystii Is LoyalFans' 'Featured Creator' for June

LoyalFans has named Mistress Mystii as its Featured Creator for June.

Show More