Damn Spam!
Search 

Topics

User Functions






Lost your password?

Update your WordPress sites!

    
Wednesday, April 30 2008 @ 21:50 CEST
Contributed by: Dirk

So, every day I see at least one of these spam posts. They all follow the same scheme and they all use hacked WordPress sites of completely unsuspecting people or organisations. And they all redirect to these fake "search engine" sites that so often show up here ...

So, if you are running a site on WordPress or know someone who does, please keep it up to date and try to follow the numerous security issues that seem to crop up every other day (either affecting some add-on or WordPress itself). BlogSecurity is a good site to stay up to date. They provide security tips and also a WP Vulnerability Scanner to test your site with.

Back to our spammer (and, presumably, WordPress hacker). He always puts a bunch of files into a directory on the hacked site and then links them, one keyword at a time. For example (full URL left out):

<a href='.../pages/page1.html'>cigarettes</a> 
<a href='.../pages/page2.html'>cheap</a> 
<a href='.../pages/page3.html'>cheap</a> 
<a href='.../pages/page4.html'>cheap</a> 
<a href='.../pages/page5.html'>dirt</a>

And so on, usually 200-300 such links at once.

I'm not familiar enough with WordPress to say whether this is due to a particular vulnerability in WP or one of its add-ons. The similarity may simply be due to the (probably automated) attack the hacker / spammer uses.

A collection of (again only partial) URLs:

http://blog.(some candidate for the US senate)/wp-music/files/file=1.html
http://(a blog about graphs)/wp-content/plugins/update/up1.html
http://(abandoned blog of a graphic artist)/wp-content/themes/blix/css/css1.html
http://blog.(of some accessory designer)/wp-content/themes/rin/Manual/pages/page1.html
http://blog.(of a family)/wp-content/spell-plugin/spell-plugin/spell1.html
http://(news section of a university)/w/wp-content/plugins/adhensive/adh1.html
http://(a personal blog)/wp-gallery/Odd/odd1.html
http://(a bookshop in Canada)/wp-content/plugins/spotmilk/kit/kit1.html

... and so on. You get the idea.

So let me repeat from above: Please do yourself and the rest of the web a favour and keep your WordPress site up to date! Thank you.

And, yes, I tried to contact the owners of some of these sites. The bookshop was quick to respond. The contact address for that candidate for the senate bounced ...
Filed under: Comment Spam
()

What's Related

Story Options

Trackback

Trackback URL for this entry: http://spam.tinyweb.net/trackback.php/update-your-wordpress-site

No trackback comments for this entry.
Update your WordPress sites! | 0 comments | Create New Account
The following comments are owned by whomever posted them. This site is not responsible for what they say.

Copyright © 2009 Damn Spam! Powered By Geeklog