Comment spam can be used to attack your PC – Bloggers Beware

I was checking updates in my email this afternoon when I opened the following email. It’s a typical “Please moderate…” request that WordPress generates if you have enabled that function. It’s one that I typically enable. But today I noted that this was a possible attack vector, and a danger for bloggers everywhere…

security attack vector

What happened?

I decided after receiving so many of these wretched emails in my mailbox, that I would visit the URL to see what would happen. Boy! Did I get a surprise. After clicking on the link, the URL resolved then redirected to a porn site, which then tried to load a whole bunch of images on a page that I hadn’t entered. Then in a few seconds, it froze my browser and I tried to manually recover the browser, but the whole system froze. So I exited the system by hitting the power button, and rebooting. Usually this approach is a little extreme, but I had no other choice. By that time, the system was emitting a beep sound.

On reboot, I ran several scans of my pc through anti-virus and anti-hacking tools to check that the PC hadn’t been compromised. I will likely have to monitor the PC for several days to make sure that it hasn’t got recurring problems; and I’ll likely run other checks to make sure nothing was inserted into my computer. But really, if I hadn’t learned before, I am completely shocked that I exposed myself to a whole new attack vector.

How would an attack work?

Quite simply: the virus writer would upload a virus or malware (or whatever) to their server; set up a website that allows the malware to be downloaded on a vulnerable PC; create anonymous looking links in such emails or even better misdirecting links from other sites they own; and spam the links across hundreds or thousands of blogs.

So…

  1. Create the program or virus – malware.exe;
  2. Upload that to the site where it is hosted and hidden in a webpage;
  3. (Create redirecting links on a more ‘neutral’ site: http://georgiesoros.co.uk/temp/page… that redirect to the page with malware);
  4. Spam the redirecting links in emails, newsgroups, comments, logs, and wherever else they can get them;
  5. Then wait for unwitting victims (like myself) to hit a link and get caught in the trap.

For the blogger, it’s a double whammy!

WordPress will either publish or queue the spam if it isn’t caught; if it is queued, notification emails are posted to blog owners causing them to open the email and possibly click or download the virus on their PC. If it isn’t emailed or published, it will sit in the comments section, and await the unwary blog owner clicking on the links there.

Once clicked, the page or browser will take over your PC with whatever needs to be loaded, and boom! Your pc is compromised.

Stop the spam, blogger! Stop the spam!

It’s always nice to know when you receive a comment, but you may need to take steps to protect yourself:

1. For older posts, use the Comments Plugin and close comments on really old posts. Just close them.You won’t regret it. Ever since I closed the comments on my old blog, I have had a much more peaceful life. More active blogs turn off comments and trackbacks after 1 month. You can automate this process, too. It’s called “Extended Comment Options“.

2. To avoid the double whammy, turn off the notification features when it says “Email me whenever…”. Just simply turn it off. That way, you won’t know that you got a comment, but you can live without that. If you check your blog most days, then this shouldn’t be a big deal; just remember to check your comments.

3. Consider using an anti-spam plugin to prevent such spam. I had been using Spam Karma II to prevent such spam. It worked pretty well but I tweaked my settings a lot, and it helped. Spam was really reduced that way; but I did lose one or two legitimate comments which were never recovered. Development on SKII seems to have faltered for the moment, but do check it out. I stopped using it when I switched to WPMU, and noted that I dealt with less spam anyway. I’m still not sure why spam dropped.

4. Keep your system uptodate as well as your AV and spyware software, too. Be prepared to run several such programs if you suspect you’ve been compromised, and do use some of the online systems as well. I’ve been known to run three AV programs at times when I suspect I’ve been hit, including TrendMicro’s HouseCall.

5. And don’t use older browsers, esp. if you are still using IE6.0, and you haven’t patched your system. Some of the exploits are well known now. Download a modern browser and use that instead.

So, take care with those comments, comment spam and trackbacks, they can lead the new blogger, and even more experienced blogger, into the dangerous world of ID theft, PC repairshops, and heightened Tech-related frustration!

Asus Eee 1000 PC – Available and Affordable!

Oh, and what’s this I see? It’s the new Asus Eee PC 1000 running Windows XP SP2 (or 3?) in Chinese. It has an installed 80GB hard disk (not SSD) and seemed plenty quick even for my tastes. In fact, I tried the keyboard, too and found that it was quite pleasant to use. Priced at around NT$18,500, too.

Asus Eee PC 1000

It sported the new Intel Atom Chip at 1.6Ghz with a 10″ TFT screen at 1024X600 WVGA card. On board memory included 1GB DDRII, and 80GB (SATA). I also managed to find several other UMPCs at the new Kuang Hua Market in Taipei.

Cool Stuff from Computex 2008: Video

After all the hoopla has died down, you can see some great stuff in this video that was featured on ERA News in Taiwan, including (drum roll!) Asus EBOX PC.

I’ve been following this company’s products since the launch of their Asus EEE PC 700 in 2007. The breadth and innovation of the company’s products underlines the ambitions of this company to reshape the PC (sans Apple) world by packaging the PC in a variety of new forms: UMPC, SETBOX style, Asus Radio, Video Gaming, …

While the video is in Chinese, you will get to see some great gadgets in the video: first up, of course, is the EBox. There isn’t the same level of interest in this device, but I believe it has a number of advantages that will see this become an extremely popular choice for all sorts of un (and under-) served markets: kids computing, older folks, family computing, simpler networking, classrooms, etc..

The price, the size, and the low power consumption make this a VERY attractive computer for the next generation of household computers. You could put one in EVERY room in your house for a very affordable price.

In our business, we would find it relatively inexpensive to equip a small language classroom with five or six of these machines; networked together, they’d be quite a cool and effective computer-skills teaching classroom. Now I just have to sell that idea to my partners.