Skip to main content

Splogging Bots

I don't know that ghosts exist, but I believe in them. I don't know for sure that splogging bots exist, either. I believe in splogging bots more than I believe in ghosts. At least, I respect the threat that they provide. Ghosts can't hurt you. In Spam Blogs #3, I discuss the scope of this problem.

Here's one very possible scenario. You are tired of having your friends complain about not being able to see your blog, every time Blogspot hiccups. So you setup a folder on your ISPs server, you register a domain name (cool), and you publish your Blogger blog to your new domain. Fine.

The next day, one of your friends emails you and says
Why are you selling stocks (adult movies, drugs, what have you) now?


And you go to your old URL on Blogspot, and look. And lo, you see a big advertisement blog, where your poetry used to be. WTF?

So you think
I'll fix them.

and you back into Blogger and change your blog to publish it back to the Blogspot URL. Get rid of the spam shite. And when you try, you see
Sorry, this blog address is not available.

Browse thru the various threads in Google Blogger Help (in the 4 main subforums - ignore Share Your Blog!). You'll see this story repeated almost daily. How did this happen?

From the volume that it's happening, it pretty much has to be an automated process. Watching for newly available addresses (previously existed = worth money), re registering them, and putting spam blogs (splogs) in their place. And that's a splogging bot.

  1. We know that there's money in botnets.
  2. We know that there's money in splogging.
  3. We know that blogs are being hijacked, in various ways.
  4. We know about "distributed attacks", and about "throttled distributed attacks".
  5. The rate that the hijackings are occurring suggests some sort of automated process.

So next you ask
If my blog gets deleted (by me or by a Blogger anti-splog bot), or if I move my blog to an external host, how quickly should I setup a stub blog, to replace what I just deleted or moved? How many hours, days, weeks am I safe?

Well, as in the example above, the hijackings that I've read about suggest a period of days (or overnight), until the problem is noticed. So did your friend load your blog (the old URL) immediately after it was hijacked? Or hours, or days, after?

I, personally, would assume the worst possible case, and suggest
Minutes.


Put it this way. If botnets are not being used, right now, in blog hijackings, then the hijackings are being done manually. If the bad guys aren't using botnets right now, to hijack blogs, they will be sometime soon. Money follows money. Think. They are making good money right now. Using existing tools (botnets), they can make even better money.

I've been wrong before. Many times. I do not think I'm wrong right now.

This post, as other posts in my blog, is open for comments. Or you can sign my guestbook, and make your message private, if it pleases you.

Comments

Popular posts from this blog

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.

Free Domain Registration By "UNONIC" Is Fraudulent

Blogger blog owners, like everybody else, like to save money.

Some blog owners prefer to save money when registering a custom domain, for their blogs. We've seen several free domain registration services, providing what is claimed to be a two level Top Level Domain "co.xx" (where "xx" == various country codes).

The latest in this ongoing story appears to be "net.tf" - and 13 other "top level domains".There is also an additional free service offering third-level .tf domains, under the name United Names Organisation. They occupy 14 second-level domains, including .eu.tf, .us.tf, .net.tf, and .edu.tf. They are run by the same company as smartdots.com, and are given away as URL redirections.