f in x
OnlyFans Creators' DMCA Requests Make Hacked Government Sites Disappear from Google Search
> cd .. / HUB_EDITORIALE
News

OnlyFans Creators' DMCA Requests Make Hacked Government Sites Disappear from Google Search

[2026-07-08] Author: Ing. Calogero Bono
Zenithby Meteora Web The operating system for your business. Social, clients, bookings and invoices in one platform. Gyms, barbers, professionals. Discover Zenith Free demo · no card

A new analysis by cybersecurity firm UpGuard, shared with WIRED, reveals that copyright takedown notices filed by OnlyFans models are accidentally removing thousands of compromised government and university web pages from Google search results. Since 2011, over 384,000 takedown requests linked to adult creator content have targeted .gov and .edu domains across 80 countries, with a dramatic surge after 2020 as the creator economy boomed.

How scammers exploit .gov sites to lure victims

Fraudsters hack official websites using vulnerabilities in publishing systems, uploading pages and PDFs with deceptive titles like “biggest leak yet” or “leaked OnlyFans”, using the names of popular models to attract clicks. Once users click on the search result link, they are redirected to scam pages promoting online dating or malicious advertising schemes. Because .gov and .edu domains carry high authority, they rank well in Google, making them ideal lures for cybercriminals.

Sponsored Protocol

DMCA requests as an accidental cleanup tool

OnlyFans creators and their representatives send millions of DMCA notices to Google to remove pirated content. Among these, many target hacked government sites that host stolen material used as bait. Consequently, Google removes flagged pages from SERPs, effectively rendering the malicious content invisible. Greg Pollock, director of research at UpGuard, explains: “The OnlyFans models are not setting out to help government websites, but in order for them to police their copyright ownership, they wind up sending a lot of notices to Google about those sites. In some ways, having Google remove the search result is extremely effective because there’s no real visibility of the asset outside of Google.”

Google's response and DMCA limitations

A Google spokesperson stated that anti-spam protections are “highly effective” at preventing hacked pages from ranking and that Chrome may warn users about dangerous content. However, DMCA takedowns apply only to individual pages, not entire domains. Out of 631,193 URLs flagged by UpGuard, Google removed about 130,000, while 460,000 saw no action. The DMCA, enacted in 1998, has been criticized for broad implementation and potential abuse. Jennifer Urban, a clinical professor of law at UC Berkeley, notes that “when takedown notices go outside copyright, the notice is questionable under the DMCA.”

Sponsored Protocol

Concentration of requests in a single company

According to UpGuard, about 90% of recent requests come from Estonia-based Rulta, which acts on behalf of creators. Alexander Small, co-founder of Fanlock, clarifies: “We file only on a good-faith belief that the page hosts our client’s copyrighted work. If a page just uses the name as bait without the content actually being there, that’s not a copyright issue.” In total, 11,000 adult-content-linked copyright owners, represented by 554 organizations, have sent requests to government and education sites.

Sponsored Protocol

A warning for security teams

Pollock suggests that monitoring popular model names could serve as an early warning system for site vulnerabilities. “When that unwanted content is injected, you can often catch it with these kinds of adult content keywords.” Dan Purcell of Ceartas argues that using DMCA to clean official sites is “excessive and inappropriate,” recommending direct contact with security administrators. While companies like OpenAI launch new AI models, the public web remains exposed to such compromises. Unlike legitimate services such as TurboTax, compromised .gov domains become vehicles for scams, offering a lesson on the need to strengthen institutional cybersecurity. For more on the legal mechanism, see the Wikipedia entry on DMCA.

Source: https://www.wired.com/story/onlyfans-creators-dmca-hacked-government-websites

Ing. Calogero Bono

> AUTHOR_EXTRACTED

Ing. Calogero Bono

Ingegnere informatico, fondatore di Meteora Web e Zenith OS. System administrator e progettista di piattaforme, app e CMS proprietari, con esperienza in sviluppo full-stack, marketing digitale ed ecosistema Google.
[ Read Full Dossier ]

> METEORA_WEB // DIGITAL AGENCY

We build the digital presence your business deserves.

Websites, social media, online advertising, e-commerce and high-performance hosting, engineered with method by computer engineers in Sciacca, for all of Italy.

> MW_JOURNAL

> READ_ALL()