Pete
2009-02-04 00:33:55 UTC
[cross-posted because the apparently most-appropriate group is very
low-traffic!]
I'm curious about the repeated 'malicious' postings the comment handling
software on my web pages is receiving. They never make it all the way
through, because the bots don't understand my particular roadblocks,
but they're logged.
There seem to be three types. The ones I understand are those that
start with a trite 'fortune cookie', followed by kilobytes of hidden
URLs; they are apparently supposed to appear in the page's comments,
and help boost the ranking of the links. Those links are such a strange
mix of blog entries, personal sites and cosmetic ads etc., though, that
I'm still not sure I really understand the point.
More sinister are the ones that just have one or two -- usually disguised or
hidden -- links, to sites with a URL that is an apparently random string
of characters. I would have guessed a trojan-insertion page, but the site
never actually seems to exist! Like this (but on one line):
"gUCy1A <a href=\"http://vpzruwdaatbp.com/\">vpzruwdaatbp</a>,
[url=http://tsn rtgvlqksm.com/]tsnrtgvlqksm[/url],
[link=http://hztmeensennf.com/]hztmeensennf[/link], http://dyqmsjovopcp.com/"
Any info?
Finally, I've been seeing completly random (or encrypted?) strings,
with the appropriate reply-email and subject slots in the post filled in:
email: ***@hotmail.com
subj: SlvXFakCPvolHanc
owrjkd sk6skN2aP6Vvq18MdGcl
What the heck is *that* all about...?
-- Pete --
low-traffic!]
I'm curious about the repeated 'malicious' postings the comment handling
software on my web pages is receiving. They never make it all the way
through, because the bots don't understand my particular roadblocks,
but they're logged.
There seem to be three types. The ones I understand are those that
start with a trite 'fortune cookie', followed by kilobytes of hidden
URLs; they are apparently supposed to appear in the page's comments,
and help boost the ranking of the links. Those links are such a strange
mix of blog entries, personal sites and cosmetic ads etc., though, that
I'm still not sure I really understand the point.
More sinister are the ones that just have one or two -- usually disguised or
hidden -- links, to sites with a URL that is an apparently random string
of characters. I would have guessed a trojan-insertion page, but the site
never actually seems to exist! Like this (but on one line):
"gUCy1A <a href=\"http://vpzruwdaatbp.com/\">vpzruwdaatbp</a>,
[url=http://tsn rtgvlqksm.com/]tsnrtgvlqksm[/url],
[link=http://hztmeensennf.com/]hztmeensennf[/link], http://dyqmsjovopcp.com/"
Any info?
Finally, I've been seeing completly random (or encrypted?) strings,
with the appropriate reply-email and subject slots in the post filled in:
email: ***@hotmail.com
subj: SlvXFakCPvolHanc
owrjkd sk6skN2aP6Vvq18MdGcl
What the heck is *that* all about...?
-- Pete --
--
============================================================================
The address in the header is a Spam Bucket -- don't bother replying to it...
(If you do need to email, replace the account name with my true name.)
============================================================================
============================================================================
The address in the header is a Spam Bucket -- don't bother replying to it...
(If you do need to email, replace the account name with my true name.)
============================================================================