Today I had my first distributed, coordinated comment spam attack. This one was interesting because within a five minute time span, twenty comments were posted to three separate entries. The comments used a similarly formated message but linked to different, legitimate web sites. They were also from completely different IP addresses (list below the fold).
Clearly something in the Movable Type 3.3 upgrade broke my captcha. I have comments moderation on until I have time to deal with it.
126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11
Want harder, natural OTC stocks worth $1 million dollars in Nigeria?
I see these come in swarms. I have a plugin in WordPress that chews through all this stuff, and sends me an email once a day telling me what a good boy he’s being. Since July 28th he’s caught 1188 spam and let 130 comments through, all correctly.
I’ve been seeing these for the better part of a year now. I know I haven’t upgraded to the current version of MT, mostly because I don’t want to give up the convenience of MT Blacklist (yeah, try and comment on my very first entry (now more than 2 years old) and see what happens…I’m embargoing your butt you evil creature you)). I’m not sure what this is about, what purpose it serves the [email protected] but it’s made me look at what I add to the centralized blacklist, and learn to use regular expressions!, more carefully.
Can I interest you in any drugs or watches? 🙂
Comments are closed.