In the evening I got an automated email from my WP blog saying that a user by the name “klamka13303” had registered on the site. I thought it suspicious, as a similar user had earlier been registered on Technolism and later posted an article in Polish, which we later rectified.
The same happened today as well. By the time I could delete this suspicious user, it had published a post in Polish titled “Rachunki i konta bankowe”, which means “Accounts and bank accounts” in English. It is some sort of a guide for “Accounts for young people.”
This user registers with the email [email protected] and the user name “KLAMKA13303” with the role of a contributor, and gains further access to the site, which it uses to publish the post directly without the permission of the publisher.
When I checked some of my friends’ blogs, they had also been affected, and on entering the search term “Rachunki i konta bankowe” in Google, I found that there are more than 300k blogs that have been infected in the last 24 hours. Check out a screen grab from HBB, one of my friends’ blogs.
WordPress had released a security update WP 3.0.5 in which this issue was resolved. I am not sure what they are going to do about this recent problem faced by bloggers around the world.
If you are also a WordPress blog owner, and have been infected with this spam user, immediately delete it from your registered users list and change your password also, for safety. Also, delete the Polish post published by this user as your readers are not going to like it. And if you have not been infected till now, well, you have got a reason to worry and delete such a user registration immediately.
Disable user registration and you will not be affected by it.
Hmmm.. ya Vivek… that is the option I have.. will do it… But that is a temporary solution…
Getting the same spam, and I hate it. I don’t know how someone can publish a post..
Ya.. Zeeshan… it happened to me and I understand the level of frustration 🙂
It rather happened 2 times… I have stopped user registration on my blog for now and I am not getting this problem after that.
It rather happened 2 times… I have stopped user registration on my blog for now and I am not getting this problem after that. yes
Our Company just had the same problem with a whole lot of infected New Registered User/Subscriber notices from multiple usernames and @o2.pl email addresses. Fortunately, we do not allow subscribers to post on our blog without our manual permission approval. We are trying out a WP Plugin called ‘Bad Behavior’ that has been rumored to stop these infected user bots. We will post the results of using that plugin here in the comment section to let everyone know how well this plugin works. Thanks again for posting this article!
Thanks Re-Evolution SEO, I would be really interested to know the results – do keep us posted here.. !
Did a little research. You can change the way people register on WP sites to cut down on this type of activity. http://wordpress.org/extend/plugins/custom-registration-link/
Also, you can install Wordfence Security which will also help. http://wordpress.org/extend/plugins/wordfence/
Wordfence Security is a free enterprise class security plugin that includes a firewall, anti-virus scanning, malicious URL scanning and live traffic including crawlers. Wordfence is the only WordPress security plugin that can verify and repair your core, theme and plugin files, even if you don’t have backups.
Hope this helps.
Also found another plugin that might be cool.
Thanks for sharing the plugin, Cris…