Slashdot Mirror

← Back to Stories (view on slashdot.org)

Storm Hits Blogger Network

Posted by CowboyNeal on from the ridin'-the-storm-out dept.

ancientribe writes "Researchers have discovered the Storm Trojan nestled in hundreds of blog sites in Google's Blogger network, according to an article in Dark Reading. And this isn't simple comment spam, but actual blogs that post spam, and now, Storm executable files. A researcher who's been tracking the Storm-infested blog sites says he's working with Google to clean up this latest appearance of Storm."

3 of 89 comments (clear)

  1. Google does not terminate spammers. by Anonymous Coward · · Score: 4, Interesting

    72.14.207.191 (blogger.com) is listed in the Spamhaus SBL for their inability or unwillingness to terminate spamvertised blogspot sites. This has been an issue for months.

    "Thousands upon thousands of *.blogspot.com pages, all spammed and used to re-direct to other spammer landing pages"

  2. Re:Ballmer's Revenge? by dedazo · · Score: 3, Interesting

    Oh, they know it's a M$ born disease

    That's quite the glib statement, considering that worm requires so much user action (or inaction, depending on how you look at it) to infect a Windows box, it's not even funny.

    How many years do you think it will take before some court proves this was intentional?

    Are you serious?

    Oh, wait a minute... *slaps head* "Erris" is twitter's sockpuppet account, which he uses to shill his own posts.

    I thought this looked familar.

    --
    Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
  3. Re:They have no idea? by Anonymous Coward · · Score: 5, Interesting

    The guy saying "I have no idea" isn't an employee of Google/Blogger, he's just the guy on the outside saying he doesn't know how.

    I'm on the outside also, but can tell you how. Blogger has a mail2 feature where you can post to an email address that you make up, and keep secret. Like a password. With users who makeup easy mail2 addresses (then don't monitor or abandon their blogs), and millions of emails being sent by the Storm BotNet, not hard to figure out how they are getting posted. Eventually the botnet hits them, just like they do with regular email addresses, and they get posted to the blog.

    And also note, the summary is misleading somewhat. The actual files that do the "infection" aren't hosted on Blogger at all. The same thing that is getting sent to peoples emails are being posted to blogs that leave their mail2 address open and easy. So you still have to fall for the click here to get infected...

    This has been going on for awhile. I first saw it at least 2 months ago. It may be increasing, but not new.