Anatoly Lubarsky Logo
programming, design, integration, games, music

Blog Spam: NewsGator Hacked ? (Bug in Spam Software)

Recently I'm getting reports on my site of spammy attempts to make GET/POST requests to the page called:


/ngs/siwin.aspx

All requests come from various IP addresses and various user-agents. All of them end with 404 - Page Not Found, since I really don't have such file. At first I thought that some spam software has bug in attempting to figure out the blog engine and post comment page url. Googling does not seem to help.


But recently after some investigation I realized that newsgator has such url structure and somehow is related to it. I'm subscribed to newsgator but don't use it too much...


So, I think: it is either a bug in newsgator or some doorway hacked and used by blog spammers.


Interesting, what people behind newsgator think about this.


P.S. : I think it is spam because these requests usually come in bulks (tens of them at once)...


Update: seems like some spam software checked for keywords in the content of the site to find out what blogging software is used in order to use the right protocol posting. Seems like newsgator subscribe button caused this - spam software mistakenly supposed that "subedit" blogging tool used (if I'm correct ?). And tries to post comments to the according comment page. As soon as I removed newsgator's subscribe button I stopped getting these error messages.


Related Posts:

Saturday, January 06, 2007 5:29 AM

Comments

# re: Blog Spam: NewsGator Hacked ?
Interesting. Can you send over to me (http://www.rassoc.com/gregr/weblog/contact.aspx) the referrers and user-agents you're seeing for those requests?

1/6/2007 8:00 PM by Greg Reinacker

# re: Blog Spam: NewsGator Hacked ?
Greg: I've send it to you. Thanks

1/6/2007 9:23 PM by Anatoly Lubarsky

Login

Subscribe via RSS

Article Categories

.Net Framework
ASP.NET Tips
C# Win32 API
HTML, CSS, Web
Javascript Tips
MSSQL Tips
System
System.Net
WebServices

Archives

(02) January, 2018
(01) June, 2013
(03) March, 2013
(02) February, 2013
(01) July, 2012
(01) April, 2012
(01) September, 2011
(01) August, 2011
(03) May, 2011
(01) December, 2010
(01) November, 2010
(01) October, 2010
(01) June, 2010
(01) May, 2010
(02) March, 2010
(01) January, 2010
(02) December, 2009
(03) September, 2009
(03) August, 2009
(09) July, 2009
(04) June, 2009
(03) May, 2009
(02) April, 2009
(03) March, 2009
(02) February, 2009
(02) January, 2009
(04) December, 2008
(04) November, 2008
(05) October, 2008
(04) September, 2008
(05) August, 2008
(04) July, 2008
(05) June, 2008
(07) May, 2008
(04) April, 2008
(03) March, 2008
(02) February, 2008
(03) January, 2008
(03) December, 2007
(05) November, 2007
(04) October, 2007
(05) September, 2007
(12) August, 2007
(11) July, 2007
(14) June, 2007
(13) May, 2007
(13) April, 2007
(10) March, 2007
(11) February, 2007
(14) January, 2007
(14) December, 2006
(12) November, 2006
(08) October, 2006
(09) September, 2006
(06) August, 2006
(08) July, 2006
(10) June, 2006
(09) May, 2006
(22) April, 2006
(25) March, 2006
(12) February, 2006
(14) January, 2006
(19) December, 2005
(17) November, 2005
(16) October, 2005
(16) September, 2005
(12) August, 2005
(14) July, 2005
(09) June, 2005
(12) May, 2005
(12) April, 2005
(20) March, 2005
(11) February, 2005
(12) January, 2005
(18) December, 2004
(13) November, 2004
(12) October, 2004
(14) September, 2004
(09) August, 2004
(23) July, 2004
(19) June, 2004
(29) May, 2004
(19) April, 2004
(16) March, 2004
(09) February, 2004
(06) January, 2004
(02) December, 2003
(01) November, 2003

Post Categories

.Net and C#
Android
Antispam
App. Development
Architecture
ASP.NET
Blogging
Deprecated Projects
Facebook Platform
Fun
Google
iOS
Javascript
Misc.
MSSQL
Music
My Games
Performance
Roller
Social Networks
Tools
Visual Studio
Web 2.0
WebServices

About Me

linkedin Profile
Recs
Who am I

My Sites

Billy Beet
x2line blogs