Skip navigation

The Attack of the Spam-Bots from Hell

After a couple of years of fairly simple, easy-to-kill comment spam bots, it appears that the web is under assault by a particularly vicious new criminal spam-bot. A friend of mine claims that in order to figure something out, outwit or beat something, you have to be 6% smarter. Well, folks, this new spam-bot appears to be 6% smarter than most current comment spam catchers.

But not completely!

It appears that and Spam Karma 2 WordPress Plugin, and other WordPress spam catching tools, are still 6% smarter. Okay, maybe only 4% smarter but they are working on getting back up to 6%.

Over the weekend, this new comment spam-bot attacked. I got a warning immediately from my Spam Karma 2 WordPress plugin when I went to check for comments on my main site. Akismet took a couple of days before catching most of the new comment spam, but it still responded well as it learned what was comment spam and what wasn’t as people responded. Spam Karma 2 had tips to help combat the spam immediately, and announced that the author is working on a cure and helping others to understand what we are up against.

Unfortunately, as some of you might have noticed, SK2’s performances as seen from the outside, seem to have dropped suddenly over the past few days. While the bulk of the spam still remains at the door, a meaningful percentage now manages to fly right through SK2’s basic filters. And given the numbers involved, even 1% of all spam attempts is a lot to deal with. There again: SK2’s blacklists learn, and conscientiously flagging each uncaught spam should help keep things under control, but this is still a major quality drop from SK2’s usual performance.

The reason for this sudden burst, is a new breed of spam, or more likely, of spambots. It is confirmed now that some spammers have gotten hold of much more efficient spamming tools. Ones that bypass some of SK2’s strongest filters without trouble…

…First of all, these spams do not present most of the idiotic traits of their lower colleagues: they do not try cramming hundreds of URLs or inserting hundreds of easily spotted junk keywords in the comment content. Instead, they use only the dedicated name and homepage fields to sneak in spam URL and keywords. The comment content is often perfectly innocuous, sometimes even topical (by copying parts of another comment or a trackbacking post). All in all, these spams could easily be missed by a human moderator who wouldn’t look carefully at the contact name and URL…

…However, looking closer at timestamps and a host of other small details, I am fairly certain these aren’t posted by a human, but are indeed a new breed of spambots. There are many ways I can think of, to make such a spambot with javascript-parsing ability and other “mimicking? skills… In fact, I’m just surprised it hadn’t been done before. But this new development is also worrying, as it seems to indicate that spammers have finally gotten hold of real coders to do the job: whereas previous spambots could have been the work of any random script-kiddies with half a brain and a vague knowledge of scripting, these seem a bit more thought out in their design and their implementation. This is particularly worrying as I do not know of any anti-spam system currently that I, or a somewhat similarly skilled coder (that is: not that incredibly skilled) couldn’t force through eventually.

So far, the overal dumbness of spambot programmers gave anti-spam plugins a very easy edge. Things will change if real coders start taking an interest in this no-doubt very lucrative market and starts churning out efficient spambots program to the spam monkeys. And do not doubt a second there aren’t or won’t be such black hat developers in this market (the same way there are in other domain of internet spam)… Even if Mark Pilgrim was slightly off the mark in his apocalyptic sum-up of the situation, he was certainly right on one point: there is huge money involved, certainly enough to pay the hourly services of a decent professional coder… perhaps even [cue ominous strings on the soundtrack]: of a coder already involved in the blogging community.

Unknown Genius – The State of Spam Karma

I think I’ve cleaned out a couple hundred comment spams that were caught between my blogs and about 50 that slipped through. It’s tedious waiting for the comment spam fighting programs to catch up with the evil criminal spam-bots, but they are working on it.

For those using Akismet, either through your WordPress or blogs, then you should be okay. Akismet “learns” as it goes so be sure and mark all non-spam as NOT SPAM and delete all spam to help it learn about what is bad and what is good. Within a short time it should be catching more and more of the comment spam that gets through. You need to know that Akismet uses a very high catching rate, which means that some of your “good” comments might be caught and/or never seen in your spam logs, though most should be visible.

For those of you using Spam Karma 2, like Akismet, Spam Karma learns what is comment spam and what isn’t. Some may get through but mark it as Moderated and slowly it will also learn to detect the difference between good and bad.

Also understand that this is a free WordPress plugin that requires long hard WEEKS and MONTHS of work, not just a few hours. The author, a poor student, offers it free, but if you are willing to help the process along, you can help encourage development with a donation. Any amount is appreciated, considering the benefit you get to your WordPress blog. Before Spam Karma 2, I spent a good 3-5 minutes a day going through ugly comments and deleting them, so consider 3 minutes a day, 7 days a week, 52 weeks a year adds up to just over 18 hours a year dealing with comment spam. I think that a donation of $50 for just over $2.70 an hour is a good amount to pay to save 18 hours a year, don’t you? Or give less, but give something to help this work continue.

And everyone else, if you don’t have these comment spam catching tools and are using a WordPress product, get these. If you are not using WordPress, I’m sorry. Good luck.

Site Search Tags: , , , , , , , ,
Copyright Lorelle VanFossen


  1. Posted November 7, 2006 at 12:03 am | Permalink

    How’s this working out for you? I ran into this post when I searched for wordpress spambot in Google.

    Really though, that’s why I moderate everything on my site … I hate to do it, but if it isn’t spam, it’s some jerk spouting off obscenities. Plus, the spam catchers seem to really hit my shared ISP hard (I sometimes get a few thousand hits per day on my humor blog, so the extra filtering sometimes makes me hit my CPU limits).

  2. Posted November 7, 2006 at 12:21 am | Permalink

    I do not force moderation of comments. I do not force people to be logged in to comment. I do not force visitors to dance through captchas, adding numbers or guess at bizarre spelled words. I now often get over 1000 comment spams a day and’s Akismet spam catching feature gets about 98% some days, 100% others. Only when there is a glitch in the system, or a new kind of comment spam that the filtering process hasn’t learned, does the false/positives get a bit skewed.

    On my other blogs I use a combination of Bad Behavior, Spam Karma, and Akismet, and rarely does anything get through.

    More important to me than comment spam is making my visitor’s visit a good one without any hassles, views of comment spam, or anything other than enjoying the content. Akismet, Bad Behavior, and Spam Karma make the world of blogging a much happier place.

    Is this working for me? Damn straight. The issue of server and database hits, though, makes me nuts. With my self-hosted blogs, I suffer. Luckily, with my blogs, that’s someone else’s problem. 😉

  3. Posted December 29, 2006 at 4:09 pm | Permalink

    I am having a similar experience. Adding the Akismet plugin for SK2 helps.

    One odd thing, the “spams caught” number no longer goes up. Other than that, everything seems to work.

3 Trackbacks/Pingbacks

  1. […] The Attack of the Spam-Bots from Hell […]

  2. […] Attack of the Spam Bots from Hell […]

  3. […] The Attack of the Spam-Bots from Hell […]

Post a Comment

Required fields are marked *

%d bloggers like this: