The sorry state of SPAM and the Blackhole exploit kit

148,885 spam comments already

148,885 spam comments already

I’m about to reach a milestone on this site and it isn’t a pretty one either. In the past 7 years of this blog being active I have almost reached 150,000 spam comments. Fortunately Akismet is an amazing plugin for WordPress and has managed to stop about 99.5% of this from ending up on my blog leaving me “only” .5% to remove manually.

Other more worrisome issues have been created by hackers as well. In the past few months I have seen a number of my sites lose rank on Google and fortunately a friends virus program caught some strange code on one of my many web sites. These are the Blackhole Exploit Kit and an occasional JavaSceipt Obfuscation. The Blackhole exploit kit is currently the most common web threat with 28% of all web threats detected by Sophos and 91% by AVG due to this exploit kit. Its purpose is to deliver a malicious payload to a victim’s computer. According to AVG over 56,000 web sites are infected.

If you have a WordPress or Joomla blog you might want to check to see if you have an issue with the Blackhole exploit kit. Check your site at http://www.avgthreatlabs.com/sitereports/

If you do have an issue search your blogs index.php file and your themes index.php and footer.php files for the phrase ” Looks for google serch bot”. Notice the misspelling for search; I guess the Russian who developed this didn’t have a good grasp of English. Updating these 2 files seems to get rid of the threat but you still need to try and stop the jerks from hacking into your program again. Change your admin name, change your password to something really strong and consider the following plugins for your site:

– TimThumb Vulnerability Scanner
– Exploit Scanner
– BulletProof Security
– 6Scan Security

A good write-up about this issue is located at Fix for WordPress Hack

It’s a lot of work, a pain in the arse and a big waste of time but I guess that’s what hackers and spammers like!

Related Posts :

Share

Leave a Reply