Blackhat SEO Spammer targeting High PR WordPress Blog Blackhat SEO Spammer targeting High PR WordPress Blog Blackhat SEO spammer segmentação elevado PR WordPress blog Blackhat SEO spammer segmentação elevado PR WordPress blog

I’ve been monitoring mattheaton.com “ wordpress.net.in goro spam injections ” for this past few months. Eu tenho acompanhamento mattheaton.com "wordpress.net.in Goro injecções spam" para este últimos meses. Noticeably, the blackhat spamming method is changing dramatically. Notavelmente, o blackhat spamming método está a mudar dramaticamente. For those who are still unaware of Wordpress Goro Spam please read my earlier post → Wordpress.net.in Spam injection & Gaming Bluehost & Hostmonster CEO’s Blog . Para aqueles que ainda são ignorantes de Goro Wordpress Spam por favor leia o meu post anterior → Wordpress.net.in injecção Spam & Gaming Bluehost & Hostmonster CEO's Blog.

thinkingphp.org (PR6) & jensfrake.com (PR7) has been hijacked by “Wordpress Blackhat SEO Spammer” for this month. thinkingphp.org (PR6) & jensfrake.com (PR7), foi invadida por "Wordpress Blackhat SEO Spammer" para este mês. Both sites were running on WordPress 2.3.2 . Ambos os sites foram publicados em WordPress 2.3.2.

By now the <div id=”goro”> signature has been replaced with “Inline CSS” wrapper. Até agora a assinatura <div id="goro"> foi substituída por "inline CSS" wrapper.

Cloacking Check on Mattheaton.com Cloacking verificar a Mattheaton.com

Normal Browser Normal Browser

32,246 characters - mattheaton-com-source.txt 32.246 caracteres - mattheaton-com-source.txt

Google bot Google Bot

34,646 characters - mattheaton-com-googlebot-source.txt 34646 caracteres - mattheaton-com-googlebot-source.txt

Difference Diferença

2,400 characters 2.400 caracteres

Cloacking Check on jensfrake.com & blog.jensfrake.com Cloacking verifique a jensfrake.com & blog.jensfrake.com

Normal Browser Normal Browser

59,580 characters - blogjensfrakecom.txt 59.580 caracteres - blogjensfrakecom.txt

Google bot Google Bot

59,699 characters - blogjensfrakecom-googlebot.txt 59.699 caracteres - blogjensfrakecom-googlebot.txt

Difference Diferença

119 characters 119 caracteres

While scanning jensfrake.com their server return 400-500 error, so we had to scan his (clone) subdomain blog.jensfrake.com instead of the main site Embora a digitalização jensfrake.com seu servidor 400-500 retornar erro, de modo que tivemos de fazer a varredura de seu (clone) subdomínio blog.jensfrake.com vez do site principal

This time around, you wont see the spam on both of this website, all the spam links is position out of the client view-port (top -3337px, left -2227px). Desta vez, você costuma ver o spam em ambos deste site, todas as ligações spam posição está fora de vista do cliente-port (top-3337px, deixou-2227px).

another mathematical jokes, l33t. outro matemático piadas, l33t.

 <div style="left: -2227px; position: absolute; top: -3337px"> <div style="left: -2227px; position: absolute; top: -3337px"> 

What’s new with Goro spam 2008 O que há de novo em 2008 Goro spam

• WordPress <= 2.3.2 is vulnerable to this attack. WordPress <= 2.3.2 é vulnerável a esse ataque.
• Inject Spamlinks wrap with extra Inline CSS for cloacking Injectar Spamlinks embrulhar com CSS Inline extra para cloacking
• Target High PR Sites → PR5 and above Alvo Alto PR Sites → PR5 e acima

Related Post Relacionados Post

• Matt Heaton BlueHost HostMonster CEO’s Official Blog Hacked Matt Heaton BlueHost HostMonster CEO's blog oficial cortado
• How to Removed Wordpress.net.in Spam Injection Como a injecção removido Wordpress.net.in spam
• Matt Heaton Bluehost Hostmonster CEO Hacked Again - Strike II Matt Heaton Bluehost Hostmonster CEO cortado novamente - greve II

External Links Ligações externas

• National Vulnerabilities Database (NVD) on Wordpress 2.0 > 2.0.5 vulnerabilities Vulnerabilidades Nacional de Dados (NVD) no Wordpress 2,0> 2.0.5 vulnerabilidades

Bookmarks

• Share This Esta quota