Today the software that runs the Wizbang Network of sites was kind enough to send me a bit of news about our automated spam defenses.
- A visitor to your weblog Wizbang has automatically been banned by posting more than the allowed number of comments in the last 200 seconds. This has been done to prevent a malicious script from overwhelming your weblog with comments. The banned IP address is:
206.17.108.245
It's pretty rare for this particular alert to be tripped because it indicates a single-location, brute-force attack that most blog spammers don't use anymore. Blog spammers use proxies and bot farms to vary their IP addresses from comment to comment, so there's less of a chance that the systems they are attacking will shut them out.
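As an added illustration (not code from the original post or from the Wizbang software), here is a per-IP sliding-window limiter of the kind the ban notice describes, replayed over constructed comment events; the 200-second window is the one quoted in the notice, while the comment threshold, the sample addresses and the timestamps are assumptions. The second, distributed run in the sample shows why the per-IP rule alone does not catch the proxy-hopping spammers described above.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 200   # the window named in the Wizbang ban notice
MAX_COMMENTS = 5       # assumed threshold; the notice does not state the number

# Constructed sample of comment submissions: (unix timestamp, source IP).
# The first burst comes from one address; the second is spread over many.
SAMPLE_EVENTS = [
    (1000, "192.0.2.10"), (1010, "192.0.2.10"), (1020, "192.0.2.10"),
    (1030, "192.0.2.10"), (1040, "192.0.2.10"), (1050, "192.0.2.10"),
    # distributed run: six comments from six different addresses
    (2000, "198.51.100.1"), (2010, "198.51.100.2"), (2020, "198.51.100.3"),
    (2030, "198.51.100.4"), (2040, "198.51.100.5"), (2050, "198.51.100.6"),
]


class CommentRateLimiter:
    """Sliding-window per-IP counter: bans an address once it exceeds
    `limit` submissions inside any `window`-second span."""

    def __init__(self, window=WINDOW_SECONDS, limit=MAX_COMMENTS):
        self.window = window
        self.limit = limit
        self.recent = defaultdict(deque)   # ip -> timestamps still inside the window
        self.banned = set()

    def submit(self, ts, ip):
        """Record one submission; return True if it is accepted."""
        if ip in self.banned:
            return False
        q = self.recent[ip]
        q.append(ts)
        while q and ts - q[0] > self.window:   # drop timestamps that aged out
            q.popleft()
        if len(q) > self.limit:
            self.banned.add(ip)
            return False
        return True


def replay(events, window=WINDOW_SECONDS, limit=MAX_COMMENTS):
    """Replay events in timestamp order; return (accepted count, banned IPs).
    The single-source burst trips the ban; the distributed run sails through."""
    rl = CommentRateLimiter(window, limit)
    accepted = sum(1 for ts, ip in sorted(events) if rl.submit(ts, ip))
    return accepted, sorted(rl.banned)


if __name__ == "__main__":
    print(replay(SAMPLE_EVENTS))   # (11, ['192.0.2.10'])
```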
Because this type of attack is a couple of years out of date, I decided to look into the source address, and boy was I surprised to find out who the culprit appears to be...
Here's the relevant WHOIS data for that address:
CustName: SiteAdvisor
Address: 112 South Street
City: Boston
StateProv: MA
PostalCode: 02111
Country: US
RegDate: 2006-02-20
Updated: 2006-02-20
NetRange: 206.17.108.240 - 206.17.108.255
CIDR: 206.17.108.240/28
A little GoogleFu confirms that SiteAdvisor is a spam/phishing fighting company that was recently acquired by McAfee. Their "About" page sort of telegraphs what they're doing...
SiteAdvisor was founded in April 2005 by a group of MIT engineers who wanted to make the Web safer for their family and friends. Having spent one too many holiday breaks trying to clean a mess of spam, adware, and spyware from our families' computers, we decided to take action.
We realized there was a gaping hole in existing Web security products. While traditional security companies had gotten relatively good at addressing technical threats like viruses, they were failing to prevent a new breed of "social engineering" tricks like spyware infections, identity theft scams, and sites which send excessive e-mail.
To address this challenge, we built a system of automated testers which continually patrol the Web to browse sites, download files, and enter information on sign-up forms. We document all these results and supplement them with feedback from our users, comments from Web site owners, and analysis from our own employees.
So I'm still not quite sure why McAfee needs to attack Wizbang with spam for Enzara, erectol, valbienn, and Groped in Public to protect their customers or to rate Wizbang. Here's a little bit of what my new friends at McAfee left for me before the software slammed the door shut on them:
So it would appear that either McAfee SiteAdvisor is a blog spammer (albeit a pretty lame one), or a pretty lame blog spammer is using their network to spam blogs. Frankly I'm not sure which is worse...
Oh yeah, they have a blog...
Update: McAfee, who were contacted before this story ran, responds.
- A few hours ago, you e-mailed us to inform us that an IP address owned by SiteAdvisor had been used to post blog spam on your blog.
We were certainly surprised to hear this, as our policies and ethics are completely opposed to spam of any kind. But the news demanded our attention. We began investigating immediately and found that you were correct. In the past, we set up a server for internal use and had a Web application running on it that required proxy support. We later opened it up so people outside the firewall could use it and forgot to disable the proxy support. Unfortunately, one of the bad guys out there found it and decided to use it to relay some blog spam. We corrected the problem within an hour of receiving your e-mail.
SiteAdvisor takes this very seriously. Our reason for being is to help stop Internet-based abuses so we're particularly concerned about making sure we don't inadvertently aid people like that.
We will not make this mistake in the future, and apologize to you, the readers of Wizbang and any other blogs that were victims of this exploit.
Well, it's good to know they weren't actively spamming the site, but the fact that a system belonging to a security software company was wide open for use by spammers is disappointing, though not completely surprising.