Merry Christmas Spam
I dunno what’s going on this evening, but there has been a whole bunch of comment spam posted to this blog this evening. They are all from “zombie” machines (windows machines which have been taken over by the bad guys due to Microsoft’s non-existant security), and they’re from all over (clearly dynamics in cox.net, adelphia.net, comcast.net, well, you get the idea) in what has to be a coordinated, if ineffective, attack. It’s odd, though - they aren’t selling anything, instead there are randomly-generated characters in the URL which don’t resolve (ok, the few I’ve checked don’t resolve, anyway). But all forty of them (so far) are composed of a single random-character “word” holding a randomly-generated URL as a link, followed by a second random-character “word.”
It’s annoying to run through and delete them, but at least thanks to comment moderation they aren’t getting through to the publically-viewable blog.
10:06pm - Just deleted another 36 of the annoying things. What a waste of a bunch of zombies…
12/28/04 6:58pm - Just deleted another 128 bogus comments; this is getting a little old. I need to see if I’m being targeted (other than wasting my time deleting them, I’m not sure what the point would be), or everyone running Wordpress. Hum…looks like I’m not alone…check out http://binarybonsai.com/archives/2004/12/26/garbage-spam/
12/29/04 12:16am - Deleted another 53 of the d*mned things, and added programming to the wp-comment-post.php file which should hopefully catch the specific format of these annoying spams. Won’t know until tomorrow, though, to see if the log shows posts where there are none in the moderation queue.
12/29/04 1:23am - Yeah! The additional code changes to wp-comment-post.php are effectively eliminating the blog spam from ever entering the database - a side effect is that “real” posters may not have an URL as the first thing in the comment field, but that seems a small enough price to pay for the silence I’m getting. Lord, I love programming…