Spambot attacks WordPress pages

Share this…

Researchers specializing in enterprise data protection services claim to have discovered a new spam comments campaign taking advantage of the FIFA World Cup popularity to deceive people to click on links that lead them to gambling sites of dubious reputation.

The campaign, which mainly aims at WordPress pages, is launched by a botnet and implemented in the form of massive comments in different sites. Despite being one of the oldest hacker techniques, spam comments are still very popular.

The comments seem to be little more than meaningless text generated from a template and posted in the comments sections of blogs and news articles. When the researchers analyzed the comments, they discovered a pattern: the sites the links lead to, offered betting services in the FIFA World Cup matches.

Using spray and pray technique, the spambot tries to post a comment on the same Uniform Resource Identifier (URI) in multiple sites, even on sites that might be vulnerable or do not have a comment section. Enterprise data protection services experts found that the top 10 links advertised by the botnet lead to World Cup betting sites.

“In the previous weeks to the World Cup, the botnet had emphasized other non-spam attacks, including failed attempts to invoke Remote Code Execution (RCE) through the Hypertext Processor (PHP) and to abuse the loading of unrestricted files to WordPress sites”, according to the reports from experts in enterprise data protection services.

In further comments, information security specialists mentioned that “research reveals that hackers follow public trends and go where the money is”. In this campaign, the attackers are taking advantage of the World Cup popularity. Anyone who visits these betting sites could be tricked into delivering confidential information to hackers.