[WEB SECURITY] what is going on in these blogspot sites?

TheGesus thegesus at gmail.com
Sat Jan 17 16:06:19 EST 2009


There appear to be quite a number of them.  The link is sanitized.  I
wouldn't use IE to view them.  I hit them with Firefox & NoScript.

http://zkw-trbv2 . blogspot .
com/2009/01/el-paso-county-colorado-election_11 . html

There's Javascript in there hitting some servers in Germany, but what
is going on is beyond me.  It looks like some sort of IE XMLHttp
exploit.

They seem to be "free spacing" on major U.S. city names.  All the
content is garbage, and all the "Related blogs" are the same thing.
In the past few weeks they've been getting Google hits rated just
below similar, legitimate sites, so there must be some SEO going on.

Thanks for your insight.

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA



More information about the websecurity mailing list