On Tue, 25 Sep 2007 09:05:01 +1200 Jim Cheetham <[EMAIL PROTECTED]> wrote:
> This morning I noticed 4 update announcements to the CLUG wiki, which > seem to be non-human. > > We have 4 new pages with one-word content, created by two separate > users, "t785t" and "t717t". > > User: t785t Page: WikiUserNew Content: "c296t" > User: t785t Page: OldMarkup Content: "c296t" > User: t717t Page: AddComment Content: "c9t" > User: t717t Page: new linking scheme Content: "c9t" > > Judging by the format of the usernames and content, it's reasonably > obvious that these changes represent a seeding attack on the wiki, > probably with the intention of seeing what our googleability is (and > therefore setting our value for future spam runs). There's nothing > interesting to be gained by looking at the source IP addresses :-) > > I've deleted all these pages. The policy of the Wiki is to allow > anonymous edits, and to allow any users to be arbitrarily referenced, > and no further changes are expected. In the past I have locked edit > access to some phpwiki-default pages, which has stopped generic spam > runs. > > Thought you might be interested to see the current state of the art in > spam :-) For more background information, see Peter Gutmann's recent > paper on The Commercial Malware Industry :- > > "Malware has come a long way since it consisted mostly of small-scale > (if prolific) nuisances perpetrated by script kiddies. Today, it's > increasingly being created by professional programmers and managed by > international criminal organisations. The Commercial Malware Industry > looks at the methods and technology employed by the professional > malware idustry, which is turning out "product" that matches (and in > some cases even exceeds) the sophistication of standard commercial > software, but with far more sinister applications." > http://www.cs.auckland.ac.nz/~pgut001/pubs/malware_biz.pdf > > Also consider :- > > http://www.cs.auckland.ac.nz/~pgut001/pubs/blended.pdf > The Convergence of Internet Security Threats > > http://www.cs.auckland.ac.nz/~pgut001/pubs/phishing.pdf > Phishing Tips and Techniques: Tackle, Rigging, and How and When to Phish > > -jim Unfortunately, Peter Gutmanns credibility has lately ( in my eyes ) been blighted somewhat by sloppy and inaccurate research... http://blogs.zdnet.com/Bott/?p=299
pgpzGbbqaOkwF.pgp
Description: PGP signature
