More on the WordPress Blog Spam Cancer

200804081439Technorati published more information on the wordpress blog spam cancer that’s spreading around the Internet.

If you’re running a version of WordPress less than 2.5 you need to stop what you’re doing NOW and upgrade! Don’t wait until your blog is compromised.

The blogosphere has had its share of maladies before. Comment spam, trackback spam, splogs and link trading schemes are the colds and flus that we’ve come to know and groan about. But lately, a cancer has afflicted the ecosystem that has led us at Technorati to take some drastic measures. Thousands of WordPress installations out in the wilds of the web are vulnerable to security compromises, they are being actively exploited and we’re not going to index them until they’re fixed.

We know about them at Technorati because part of what we do is count links. Compromised blogs have been coming to our attention because they have unusually high outbound links to spam destinations. The blog authors are usually unaware that they’ve been p0wned because the links are hidden with style attributes to obscure their visibility. Some bloggers only find out when they’ve been dropped by Google, this WordPress user wrote

I’ve reached out to Ian Kallen to offer collaboration on fixing this issue.

We’re going to push out a point release of Spinn3r to block blogs that exhibit this spam problem.

It’s such a rare event to have hundreds of thousands of weblogs compromised in a systematic manner.



%d bloggers like this: