Member Sign In
Not a member?

A Wired.com user account lets you create, edit and comment on Webmonkey articles. You will also be able to contribute to the Wired How-To Wiki and comment on news stories at Wired.com.


It's fast and free.

Webmonkey is a property of Wired Digital.
processing...
Join Webmonkey
Please send me occasional e-mail updates about new features and special offers from Wired/Webmonkey.
Yes No
Please send occasional e-mail offers from Wired/Webmonkey affiliated web sites and publications, and carefully selected companies.
Yes No
I understand and agree that registration on or use of this site constitutes agreement to Webmonkey's User Agreement and Privacy Policy.
Webmonkey is a property of Wired Digital.
processing...

Retrieve Sign In

Please enter your e-mail address or username below. Your username and password will be sent to the e-mail address you provided us.

or
Webmonkey is a property of Wired Digital.
processing...

Welcome to Webmonkey

A private profile page has been created for you.
As a member of Webmonkey, you can now:
  • edit articles
  • add to the code library
  • design and write a tutorial
  • comment on any Webmonkey article
Close
Webmonkey is a property of Wired Digital.

Sign In Information Sent

An e-mail has been sent to the e-mail address registered in this account.
If you cannot find it in your in-box, please check your bulk or junk folders.
Sign In
Webmonkey is a property of Wired Digital.

Blogger.com Infested With Malware And Scams

By Scott Gilbertson March 19, 2007 Categories: Web Basics

Bloggerlogo
According the security firm Fortinet, Google’s Blogger.com is being used extensively in both phishing attacks and to propagate malware. In some cases the traffic to the sites is being driven by “a variant of the Stration mass mailer” worm a Fortinet security note warns.

One example listed in the security bulletin is a malicious script from “Pharmacy Express,” which advertises Viagra and Valium but actually tricks victims into giving up personal and medical information to the fraudulent site.

Other examples are even trickier including a Blogger.com site, which purports to be created by a Honda CR450 enthusiast, that infects visitors with the Wonka Trojan. Naturally the trojan doesn’t load from Blogger itself, but, according to Fortinet, is hosted on a Russian site.

A Google spokesperson told CNet, “we are investigating and blogs found to include malicious code or promote phishing will be deleted.”

This is hardly the first time scammers have used large social networking sites to nefarious ends, both MySpace and YouTube have also been hit in recent months, and I think it’s safe to say that this sort of scam will grow even more common as social networking sites continue to go more mainstream.

Tags: security
Post Comment Comments Permalink Print
Reddit Digg
 
Subscribe now

Special Offer For Webmonkey Users

WIRED magazine:
The first word on how technology is changing our world.

Subscribe for just $10 a year