Random Gobbledeygook Trackbacks?

  • I’ve gotten several nonsense trackbacks within the last few hours, like this:

    Website: uuau (IP: 213.224.138.94 , D5E08A5E.kabel.telenet.be)
    URI : https://utyxbiioaeuvwx.com/
    Excerpt:
    <trackback />lqegnuwau
    evwvfuptqx

    Website: exxa (IP: 69.244.12.94 , pcp09353364pcs.tsclos01.al.comcast.net)
    URI : https://jzsunuvwx.com/
    Excerpt:
    <trackback />esvouafoh
    vdrom

    Website: ebuyaaoe (IP: 65.25.158.97 , dhcp065-025-158-097.columbus.rr.com)
    URI : https://jzsunuvwx.com/
    Excerpt:
    <trackback />zyjryqj
    ontyhkoa

    Website: joqzudzz (IP: 24.98.139.116 , c-24-98-139-116.atl.client2.attbi.com)
    URI : https://jzsunuvwx.com/
    Excerpt:
    <trackback />qqifexa
    oueciuca

    Has anyone seen a pattern like this before? Is my blog being “felt out” in preperation for a larger attack?

Viewing 6 replies - 1 through 6 (of 6 total)

  • I missed this post, and instead replied in this one. Sorry!

    Yes. Your blog is being felt out. I was getting this same junk for a while. I think they do it to every blog (automated of course) and then search for the random junk to compile a list of vulnerable blogs that they sucesfully commented.

    I was fairly active in deleting those random things as they came.. but just today I got whacked with a massive attack of them – this time they contained real links and keywords and such to adult oriented sites.

    My solution so far has been to get rid of trackbacks all together for the time being.

    The same thing happened to me as happened to Mork, first junk, now adult stuff, I’ve had about 8-10 comments in the last hour.

    Me too!

    Same with me. Some nonsense postings and today then the brute force attack started.

    For now, i have installed this >> https://mudbomb.com/archives/2005/01/05/trackback-spam-stopper-for-wordpress/ – it leaves a zero byte wp-trackback.php and moves its functionality to another file. Since, no trackback spam has come through (but this was just 30 minutes ago, so i’m not yet sure about it)…

    I received three gobbledygook comments today. Not trackbacks, just plain old comments. Here’s a sample:

    Author : Griffin (IP: 24.218.28.215 , h0008a10058bc.ne.client2.attbi.com)
    E-mail : [email protected]
    URI : https://uhnyrxeuiop.com/
    Whois : https://ws.arin.net/cgi-bin/whois.pl?queryinput=24.218.28.215

    Comment:
    <a href="https://uobifrobewqwer.com/">syahqivseul</a> poiuyt https://ghjklopxezaa/

    Weird, huh, that broken URL. They all contained the word “poiuyt”, perhaps that’s the string they use to identify my site? Added it to the blacklist just to see what happens. Also set approved=0 in the trackback file to prevent the trackback spam y’all mentioned, and turned on comment moderation for the night. I’ll see how it looks tomorrow.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Random Gobbledeygook Trackbacks?’ is closed to new replies.