Bizarre Blog Comments - Spam? Hack? Pls Help

18 replies
I am becoming more cautious and jaded by the day. One of my affiliate sites was hacked last month and my main email account was hacked this week.

Anyway, I have a new affiliate site and one of the pages is a wordpress page that just pulls in ebay auctions. I have pending comments that I can't decipher and am curious more than anything else because I am sure that they won't be the last. Here is what they look like:



The links go absolutely nowhere. I don't get it. Anyone?
#bizarre #blog #comments #hack #pls #spam
  • Profile picture of the author candoit2
    Originally Posted by trishworks4u View Post

    I am becoming more cautious and jaded by the day. One of my affiliate sites was hacked last month and my main email account was hacked this week.

    Anyway, I have a new affiliate site and one of the pages is a wordpress page that just pulls in ebay auctions. I have pending comments that I can't decipher and am curious more than anything else because I am sure that they won't be the last. Here is what they look like:



    The links go absolutely nowhere. I don't get it. Anyone?

    I get those also...not sure either.

    Aaron
    Signature

    {{ DiscussionBoard.errors[1315164].message }}
  • Profile picture of the author Sumit Menon
    I get those too.. Akismet just weeds them out usually.
    {{ DiscussionBoard.errors[1315177].message }}
  • Profile picture of the author trishworks4u
    yeah - but I wanna know what it means??? there has to be a point to that...
    {{ DiscussionBoard.errors[1315207].message }}
  • Profile picture of the author Jagged
    I get one's that are like those...a bunch of non-sense, jumbled letters...or just a bunch of question marks...strange stuff....
    If it's nothing, there's a lot of really bored people out there...
    {{ DiscussionBoard.errors[1315210].message }}
    • Profile picture of the author Sumit Menon
      Originally Posted by Jagged View Post

      I get one's that are like those...a bunch of non-sense, jumbled letters...or just a bunch of question marks...strange stuff....
      If it's nothing, there's a lot of really bored people out there...
      I got 1,000 of these in 3 days...
      {{ DiscussionBoard.errors[1315215].message }}
  • Profile picture of the author globalpro
    Hi,

    A lot of times they are test runs from someone that is getting ready to spam blogs. No sense entering real info, unless it works.

    Thanks,

    John
    {{ DiscussionBoard.errors[1315273].message }}
  • Profile picture of the author DogScout
    Did you run the IPs thru an IP checker. That would at least tell you where they came from.

    The 1st one is Texas: DILLIG ENTERPRISES LLC (looks to be out of business)

    2nd is UK: RapidSwitch Ltd (also out of business, at least the URL re-directs to a health blog!)

    Both are listed as 'suspected network sharing devices' Both are suspected of Geo cloaking. The 1st one looked like a Danish origination. Strange.
    {{ DiscussionBoard.errors[1315314].message }}
  • Profile picture of the author DogScout
    looks like they are using proxy servers; either Philippines or Singapore?
    {{ DiscussionBoard.errors[1315323].message }}
    • Profile picture of the author Sumit Menon
      Originally Posted by DogScout View Post

      looks like they are using proxy servers; either Philippines or Singapore?
      Now, that's just plain rude. :rolleyes:
      {{ DiscussionBoard.errors[1315342].message }}
  • Profile picture of the author Johnathan
    It's a combination of things:

    a) Some individuals are testing your system for exploits
    b) Some script kiddies ("hackers" who really have no clue what they are doing, but like to be called a hacker because it sounds 'cool') -- use other peoples software to test for exploits, with really no clue what they are doing
    c) Sometimes testing/probing for proxy servers/relaying

    etc, etc.

    It's not really anything to 'worry' about, unless of course you have your own server in which case you need to make sure no rootkits, etc, are installed on your system.

    Johnathan
    Signature
    Make money from writing, find out how now.
    {{ DiscussionBoard.errors[1315355].message }}
  • Profile picture of the author sbucciarel
    Banned
    Looks like a comment bot doing a test run, but all of Jonathan's suggestions are relevant. I get this crap all the time.
    {{ DiscussionBoard.errors[1315367].message }}
  • Profile picture of the author trishworks4u
    very helpful - so it's "pre-spam" perhaps... toe-dipping before the hack. comforting.
    thanks for the insight.
    {{ DiscussionBoard.errors[1315699].message }}
  • Profile picture of the author jendoe
    On my very small niche content site I have a "feedback" form - it goes to my email, nothing gets posted on the site itself...

    And during the course of about 1 or 2 weeks, I got a couple of these too! But, nothing since then!

    I assume it was some sort of auto-bot testing places to leave comments, and when my site "failed" by not posting anything, it moved on...

    Weird to see though, isn't it?
    {{ DiscussionBoard.errors[1315756].message }}
  • Profile picture of the author Johnathan
    PPS --

    Not sure how much of a programmer you are -- but if you want to remove
    that question -- add a very simple get/response question.

    I.e., before someone can make a post, add something like "What is 2+2?"
    Obviously the answer is 4. But the bot won't know that, so if the answer
    is incorrect, simply don't post.
    Signature
    Make money from writing, find out how now.
    {{ DiscussionBoard.errors[1316831].message }}
    • Profile picture of the author mgkimsal
      I always thought the purpose of this junk was to lower the efficacy of spam filters in general. A few years back "bayesian filtering" became the rage, and this sort of spam (both from email and comment spam) seemed to take off. Bayesian filtering requires a list of 'spam' (bad) and 'ham' (good) - someone needs to identify each, and as each body of ham or spam grows, the system can do a better job of identifying which is which by comparing to know spam or ham. If your ham body is overrun with this sort of junk, it makes the filters far less effective.

      That's been my take, but the "probing for holes" is probably another good theory. Probably fact - I've never talked to spammers to figure out why they do this sort of stuff!
      {{ DiscussionBoard.errors[1317142].message }}
  • Profile picture of the author Profit-smart
    It's software crawling through a list of blogs looking for vulnerable targets; thats all.

    Add a captcha function.
    {{ DiscussionBoard.errors[1317262].message }}
  • Profile picture of the author jig
    Yeah, CAPTCHA will solve this, although for me Akismet always catches it.
    {{ DiscussionBoard.errors[1475568].message }}
    • Profile picture of the author Robert T Jillie
      Those are from a comment bot doing a test run to check out your site hoping to slip in a comment on your blog with a spam link.

      My clients get them all the time and I have traced many back to spam bots but some trace back to hackers. Since you have had problems with hackers in the recent past it could be that they are back again probing to see what kind of mayhem they can create.

      Not to worry ...

      I'm working on a "Sherif Bot" that will track down both the spam bots AND the hackers and Kill the Dirty Rotten BasT***s DEAD!!!

      It should be wort a ton of cash when completed.

      I Promise to give a copy to every Warrior for Free though!...........
      Signature
      Never Give Up, Be Confident In What You Do.

      There may be tough times, but the difficulties which you face
      will make you more determined to achieve your objectives
      and to win against all the odds.
      {{ DiscussionBoard.errors[1475635].message }}

Trending Topics