Google’s Blogger Platform Used to Aid Phishing Attacks

The New Acunetix V12 Engine


I’ve known for a while you can buy software for spamming and MFA (Made for Adsense) site generation for a few hundred USD which utilises Google’s Blogger platform (blogspot.com sites).

You will have seen all the splogs as they are called (spam blogs) hosted on Blogger, a lot of them scrape Darknet articles and repost them there with a hope of getting a few hits and some Adsense clicks.

That’s why we limit RSS feeds to only a few hundred characters, so they can’t syndicate our whole content. Anyway that’s beside the point, the point is now people are using Blogger sites for phishing aswell.

Surfing Google’s Blogger Web site is dangerous, warns Fortinet. Several of the blogs on the site have been taken over by miscreants and redirect to phishing Web sites or try to load malicious software onto PCs, the security firm said in an alert Wednesday.

In one example a Blogger blog redirects to what appears to be an online pharmacy, but is in fact a site hosted in China that’s part of a scam to trick people into giving up personal details and financial information, Fortinet said.

In another example, a blog site that appears to belong to a Honda CR450 enthusiast actually tries to install a Trojan horse, Fortinet said. The blog likely was hacked, Fortinet said.

Launching some malware from over there too, seems like people are getting more into online fraud as more and more less savvy users join the Internet masses and are easily conned out of their bank details or Paypal accounts or similar.

“These are not legitimate blogs that were compromised. They appear to be deliberately set up to promote phishing, which is against our terms of service,” a Google representative said in an e-mailed statement. “We are investigating, and blogs found to include malicious code or promote phishing will be deleted.”

Safe surfing tools such as Exploit Prevention Labs’ LinkScanner and McAfee’s SiteAdvisor could help protect against such malicious sites. Additionally, staying up-to-date on security patches, as well as turning off scripting in a Web browser and using common sense and caution help people to stay safe when traversing the Web.

Most of them are made for the purpose of conning people, I guess Google should be pretty strict with these and make sure they are closed down fast.

Source: Cnet

Posted in: Phishing, Spammers & Scammers


Latest Posts:


SCADA Hacking - Industrial Systems Woefully Insecure SCADA Hacking – Industrial Systems Woefully Insecure
airgeddon - Wireless Security Auditing Script airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list.
Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.


Comments are closed.