Josh C. Simmons made a popular browser-based game, Sqword, that's free to play, ad-free and easy to find. As time passed, however, he noticed search results for its own name started to return "game aggregator" sites instead of Sqword itself. All they did was wrap his own site in an iframe, surround it with ads, and as if by magic those sites prevailed in search results. So he did the best thing possible: rigged it so those sites would now show a certain famous image instead of the game.
It has been one of my greatest achievements as a dev: to live-deploy a massive goatse image to at least 8 domains that aren't mine.
Let this be a lesson to you – if you are using an iFrame to display a site that isn't yours, even for legitimate purposes, you have no control over that content – it can change at any time. One day instead of looking into an iFrame, you might be looking at an entirely different kind of portal.
I know it's not the funny part, but the "iframe ad-free content with google ads and end up ranking highly in google searches trying to find the ad-free content" part is grim.
On Hacker News, other devs share their hotlinker revenge tales.
Once, out of the kindness of my foolish heart, I ran a server with a lot of great sound effects for all and sundry to download.
Eventually the bandwidth was getting hammered by a huge number of leechers seemingly from some apps that had simply hard-linked to the resources.
After replacing said resources [0] they soon ceased but not without a slew of abusive and entitled emails demanding I restore the SFX.