Sunbeltblog comments

Spywareguide is spamming blogs?
The Dean | 08.18.08 - 11:36 pm | #

Well, that's weird. Isn't spywareguide Paperghost's blog? I know he wouldn't spam here. And, the link on the first comment goes to a 404 page.
The Dean | 08.18.08 - 11:38 pm | #

Wow.

No, that's nothing to do with me. That link is some sort of weird garbled version of this:

http://blog.spywareguide.com/200...tand- found.html

Makes no sense for them to put an SPG url in there. That blog entry is part of a series thats just hit some of the IT news websites:

Link 1

Link 2

Theoretically, it could have been scraped from there...I guess...except that article isn't linked to by either site (its the other two writeups linked to instead). So that's out of the window.

Could it be a disgruntled affiliate not too happy about this coming to light? Other than that, I've no idea. Interesting.

I'll email Alex and see if the poster left any other clues lying around.

Weird :S
Paperghost | Homepage | 08.19.08 - 2:08 am | #

Sorry, the links seem to have not posted correctly. Just go to google news and search for Zango.
Paperghost | Homepage | 08.19.08 - 2:09 am | #

Gravatar Some additional comments can be found here related to the Fuse construction tool and more importantly for the dangers of unpatched Flash versions:

http://msmvps.com/blogs/ harrywal...dvertising.aspx
Harry Waldron | Homepage | 08.19.08 - 9:47 am | #

Gravatar I've killed the spam....
alex | 08.19.08 - 10:14 am | #

Gravatar Thanks Alex. Without wanting to derail further, just thought I'd mention to The Dean that the spammer is apparently in Vietnam, and a lot of the pirate movie sites promoting Zango are from Asia. Odd coincidence, that...
Paperghost | Homepage | 08.19.08 - 10:51 am | #

Gravatar "..the spammer is apparently in Vietnam"
Nope. Well, highly unlikely anyway.

"..potentially forged Reverse DNS"
To pull that off you need to supply 1.21 gigawatts of electrical power to the flux capacitor. :P

I'll give you some hints:

1. The individual has a domain registered through Yahoo and claims to live in Ontario Canada.

2. Yes, it was automated or "scraped" - with semi-slick reasoning. The automation is what caused the link to be mangled.

3. Remember when you weren't sure what was up with that myspace.com/zango profile (url has since been taken over by a seemingly legit user)? This is the same kinda deal.

4. The lack of nofollow tags here and on your personal and company blogs make things extra sweet for the douche bag behind that automated comment spamming thingy-dangy.
LoLo | Homepage | 08.20.08 - 1:23 am | #

Gravatar im not sure i follow everything going on here, but a general observation.

its really not that difficult to forge rDNS, especially if youre talking about a spammed comment that appears to be from one place but is actually from another (as seems to be the case here.) i maintain a number of spam blocklists, and im almost certain i know the ip/rDNS in question (its been an extremely popular choice for manual and automated spammers for years, and rDNS forging has played a big role in that.) i do enjoy back to the future though
m.b.l. | 08.20.08 - 4:34 am | #

Gravatar Cheers LoLo, I'll look into it when I return
Paperghost | Homepage | 08.21.08 - 1:24 pm | #

Name:

Email:

URL:

Comment:  ? 

 

Commenting by HaloScan