Update your WordPress sites! |
|
|
Wednesday, April 30 2008 @ 09:50 CEST Contributed by: Dirk |
|
|
So, every day I see at least one of these spam posts. They all follow the same scheme and they all use hacked WordPress sites of completely unsuspecting people or organisations. And they all redirect to these fake "search engine" sites that so often show up here ... So, if you are running a site on WordPress or know someone who does, please keep it up to date and try to follow the numerous security issues that seem to crop up every other day (either affecting some add-on or WordPress itself). BlogSecurity is a good site to stay up to date. They provide security tips and also a WP Vulnerability Scanner to test your site with. Back to our spammer (and, presumably, WordPress hacker). He always puts a bunch of files into a directory on the hacked site and then links them, one keyword at a time. For example (full URL left out): read more |
|
|
Filed under: Comment Spam 0 comments (Post a comment) |
|
Offtopic: A script kiddie discovers the ftp: link |
|
|
Saturday, February 23 2008 @ 01:30 CET Contributed by: Dirk |
|
|
I ranted about those stupid script kiddies and their fruitless yet annoying attempts to exploit something that isn't there before. Of course that didn't change a thing - we're still seeing more than 20% of the requests on our webserver being inclusion attempts. A new variation, however, is the use of ftp: links for the inclusion attempt: read more |
|
|
Filed under: Miscellaneous 2 comments (Post a comment) |
|
Using the W3C for spam |
|
|
Saturday, February 16 2008 @ 11:30 CET Contributed by: Dirk |
|
|
Profile spam is an old trick of the spammers. They simply create a profile on a popular forum, stuff it with their spammy links - and leave it sitting there. This usually works quite well since (lists of) profile pages are often linked prominently from the forum's main pages and therefore have a good position in search engines. You don't even have to post anything on the forum to profit from this. This can also be combined with the "abandoned message boards" approach where the spammers leave posts on unused message boards and then spam for those posts. Which in turn point to the spammers real (and valuable) domains. And in this combined "spam for profile pages" tactic, the spammers don't shy away from using prominent sites. I've already seen spam for SETI@home profiles, digg.com profiles, and various other well-known sites. I didn't know you could also do this with pages of the venerable World Wide Web Consortium (W3C), though. But one spammer did just that. read more |
|
|
Filed under: Comment Spam 0 comments (Post a comment) |
|
Offtopic: Damn Bounces! |
|
|
Thursday, February 14 2008 @ 08:35 CET Contributed by: Dirk |
|
|
For the last 2 or 3 days, someone has been sending out spam emails with faked email addresses @project.geeklog.net. Nothing new here, happens all the time, and if you own a domain, it'll happen to you eventually. On my own domains, I simply forward the catchall to a GMail account (hey, finally something to fill up those 6 GB!). On geeklog.net, however, we can't do that for various reasons. And so we're drowning in bounces now. read more |
|
|
Filed under: Miscellaneous 1 comments (Post a comment) |
|
Test spam |
|
|
Tuesday, January 01 2008 @ 03:00 CET Contributed by: Dirk |
|
|
Hmm, somebody's posting test spam again: The content is only the text string kokkk21, accompanied by a link to hgytgfred.com - which isn't even registered at this point (this started 15 hours ago, so it's not a problem with the whois or DNS not being up to date yet). Google returns a few hits on other sites, too. Nothing too obvious in the HTTP headers, but he seems to prefer to spam one particular article on this site. We'll see if anything else comes out of this ... |
|
|
Filed under: Comment Spam 1 comments (Post a comment) |
|