jump to navigation

Malicious Code Appears on Blogger.com March 17, 2007

Posted by grhomeboy in Blogging, Google.

Blogger.com ( Google ) is one of the most visited blog sites. Due to its popularity, hackers have started to embed malicious scripts on some blogs. These scripts have shown up on hundreds of Blogger.com sites. In some cases, a variant of the Stration mass mailer is responsible for directing traffic to the Blogger.com sites.

Pharmacy Express
One script redirects the user to a “storefront” for Pharmacy Express. The Pharmacy Express site is a phishing site, which is designed to coax personal details and financial information from visitors.


Another script downloads a 1×1 pixel image to track the browser information, such as, IP address, browser type and version, etc. While the Pharmacy Express site is hosted in China, the 1×1 pixel image is hosted on a site registered in the United States.

The Pharmacy Express phishers have been very aggressive in distributing the Pharmacy Express URL via mass mailers ( eg. Stration ). The spam message appears to link back to Blogspot.com ( screen shot below ). A blogger recognizing the domain may be more tempted to visit the link.


Honda CR450 enthusiast
Another example was discovered on March 5, and is an actual Blogger.com site that has been embedded with malicious code. The site, seemingly created by a Honda CR450 enthusiast, now infects visitors with the Wonka Trojan. The trojan is posted on a web site hosted in Russia. This site may have been chosen due to its popularity in search engines.


The above examples represent some of the malicious web sites that use the popularity of Blogger.com (under blogspot URLS) to exploit unsuspecting users. Other popular topics commonly linked to malicious blog sites include Star Wars, school, furniture, Christmas, cars and girlfriend.



1. chiaray2007 - March 17, 2007

yeah, i thought something wierd was going on over there, my systm would freeze up everytime i tried to check out that blogger site. i was trying to find another blog place for my saucy blog that doesn’t fit my writing at wordpress, guess that’s what i get for trying to be naughty!

Sorry comments are closed for this entry

%d bloggers like this: