Your Fly Is Open

Netmenaces and Other Internet Stupidity

Putting the ED in EDU...

2021-03-05 3 min read attacks

I seem to spend a lot of this blog ranting about blackhat SEO attackers.

They bother me.

They really bother me.

Maybe it’s the brazen quality of the whole thing. I’ve said it before: it’s kinda like breaking into someone’s house and leaving behind a note with your name and phone number scrawled on it.

That bothers me, but that doesn’t really cover it.

Did I mention that these guys really bother me?

I think it has to do with bullying. Bullying can take all kinds of forms, and I suppose I view what they do as intellectual bullying. They tend to go after the sites of smaller organizations - sites run by… well… business folks - people who have to rely on something like WordPress because they don’t have an IT department.

These folks don’t have time to learn how to set up and secure a website, so they find a CMS that promises it’ll be easy, throw together some markup, and when the output looks decent, they think that they’re done.

But then some dude who’s learned more about how to exploit website misconfigurations than about how to be a decent human being comes along and uses their intelligence to take advantage. Traditional bullies use their physical prowess to abuse people who are smaller and weaker. Intellectual bullies use their intelligence in an analogous way - and it’s still abusive, still bullying.

That’s what bothers me - because bullying is wrong - whether you do it with brains or brawn.

Earlier today, I found the following on the hacked site of a small pharmacology school:

html

There’s three things that really bother me about this:

  • The hack took advantage of a WordPress flaw. WordPress runs something like 40% of the websites on the Internet. These jerks had plenty of other sites to target… But no. They had to put their Erectile Dysfunction (ED) drug spam on the site of a small pharmacology .edu site - potentially damaging their reputation. Tell me that isn’t abusive, tell me that isn’t bullying, tell me that isn’t just frickin’ adding insult to injury.
  • In addition to that particular a**hole move, these pinheads can’t even be bothered to un-indent that final </html> tag - which is driving me just a little bit crazy every time I look at it.
  • In the spirit of piling on, one of their subdomains has been whacked by my buddies the term paper SEO hackers… nice, real nice.

I don’t know if I’ve made this clear: these guys really bother me.

-TL
Tom Liston
Owner, Principal Consultant
Bad Wolf Security, LLC
Mastodon: @tliston@infosec.exchange
Twitter (yes, I know… X): @tliston
March 5, 2021