The following Elgg sites have been attacked by the profile porno spammer
Mine Too!!!
No wait... nevermind... Mine are just regular users who enjoy watching/sharing porno..
And also, apparently, a ning site.
elggdev.com was attacked as well. Luckily, only user profiles were affected.
How to fight back against this sort of spamming...?
I have got the same problem and here is what I did:
1. Disable simplevalidationbyemail
2. Add code to the register form to track the IP of those who hit the register page
3. Change the allowed code in htmlawed to NOT allow style in posts
4. Block IPs that hit the registration page many times
And of course be sure to have captcha enabled and check new users against spam.
I use SpamBot Search Tool gillardg.net/s/ckspam/
OK, the person that is doing this is doing it manually, we think.
He is also using an IP proxy, so banning the IP will not work.
He has used IPs in Russia, Holland, Chicago, and Belarus.
The way to get this £"!$!"£$%!tard is to hit him in the pocket.
Anyone who gets one of these should send the code to the AFF abuse contact
and his affiliate account will be blocked.
If you investigate, you will see that it ends up as an AFF pay-per-click affiliate link.
We have reported this to AFF and also USA cyber crimes, as it is a federal crime to do this.
If you use this link http://adultfriendfinder.com/go/page/abuse.html?abuse_pwsid=&abuse_date_registered=&abuse_pid=&abuse_handle=&abuse_status=&abuse_level=&who=r,/7YepThQb26iUAQrDFLIdXCqWpKU8HxszutM2Uf39TmDlfh/HTmRjB4ZxXbcepDeHNjNpTq8KZrf/ycVxT9WHgx8COleeOOHVdov8j6DoWC5Iflo9JDPZsndbeIJ2Ql_
all you need to do is drop the page address and view source, copy and paste the source code of the page and a slightly irate note.
Anyone have any other ideas? I'd love to hear them.
Also Brett, whatever happened to uncaptcha?
Also you are right about the ning site I just didn't post the link here as I didn't think it was relevant.
Please note this is not an Elgg-specific problem.
You'd think this guy would actually spend his life doing something constructive.
I get this through the internal messages system of community.elgg.org:
@good vibrations.... (nice name:)
I too got the same mail from elgg internal msgs hehehehe :)
she fell in love with me about one year ago :P
Oh she is cute.... but what !!! she sent you the message also hmm... so she is cheating on me :( ngeeee :( :P hehehehe :P
Leaving all the kidding.. I wonder how these spammers get inside....
Beware good vibrations, after some mails she will ask for money and credit card numbers or will somehow steal from you etc.. and leave all your vibrations in a very bad mood :P
Beware
HaPPy ElGGinG :)
Do GooD :)
We found out that the porno profile spammer was consistently using @spam.la email addresses. Seems he has been dropping 600+ links at Facebook as well !!! After AFF pay-per-clickers were notified of his misdoings, it seems he was dropped by them. He came back to drop links for mp3 ppc sites. We have modified our register action -->
$email = get_input('email');
// strpos() returns false when there is no match, so compare strictly against false
if (strpos($email, 'spam.la') !== false) {
    // .... go somewhere else.. ;-)
}
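A stricter form of the email check from the post above, as an added example that is not code from the thread or from Elgg: it compares the parsed domain instead of searching the whole address, so case variants and subdomains are caught and addresses that merely contain "spam.la" in the local part are not. The function names and sample addresses are hypothetical; only the `spam.la` domain comes from the thread.

```php
<?php
// Added example, not Elgg code. Function names and sample data are hypothetical.

// Domains refused at registration; 'spam.la' is the one named in the thread.
const BLOCKED_DOMAINS = ['spam.la'];

/** Return the lower-cased domain part of an address, or null if it is malformed. */
function email_domain(string $email): ?string {
    $email = trim($email);
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    // The domain is everything after the last '@'.
    return strtolower(substr($email, strrpos($email, '@') + 1));
}

/** True if the address is malformed, or its domain is a blocked domain or a subdomain of one. */
function is_blocked_email(string $email, array $blocked = BLOCKED_DOMAINS): bool {
    $domain = email_domain($email);
    if ($domain === null) {
        return true; // fail closed: a malformed address never registers
    }
    foreach ($blocked as $bad) {
        $bad = strtolower($bad);
        $suffix = '.' . $bad;
        // Exact match, or a subdomain such as mail.spam.la.
        if ($domain === $bad || substr($domain, -strlen($suffix)) === $suffix) {
            return true;
        }
    }
    return false;
}

// Constructed sample input covering the cases a plain substring test gets wrong.
$samples = [
    'bob@spam.la',             // blocked domain
    'Bob@MAIL.SPAM.LA',        // upper case and subdomain
    'spam.la.fan@example.org', // "spam.la" only in the local part
    'alice@example.com',       // unrelated domain
    'not-an-email',            // malformed
];
foreach ($samples as $address) {
    printf("%-26s %s\n", $address, is_blocked_email($address) ? 'reject' : 'allow');
}
```

In a register action the result of `is_blocked_email(get_input('email'))` would decide whether to continue; a single-domain blocklist only stops a spammer who keeps using that domain, so it complements the captcha and spam-database checks mentioned earlier in the thread.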