Spam in my feed… Ugh…

No, my post yesterday was NOT supposed to mention Viagra extensively. My blog has been hacked. I’m working on fixing it.

UPDATE: After I posted this, Mihai Parparita brought to my attention that he’s also seeing this spam in Google Reader. (Thanks, Mihai.) So it appears my blog may have been hacked. This totally sucks, I’ll try to figure it out. Oddly, I’m not seeing the spam in Newsfire (my preferred feed reader) or Safari. Contentious readers, I invite your help in solving this problem. And my sincere apologies while I try to get this fixed.

Here, for the record, is my original post…

———————————-


I syndicate Contentious via Bloglines, a popular free web-based feed reader. My 50 or so readers there got an unpleasant surprise yesterday — my Nov. 9 post from Blogworld Expo contained a huge chunk of spam — text and an image.

No, I have NOT started hawking Viagra.

Somehow, Bloglines allowed spam to be inserted in my feed. I don’t know how this happened. I’ve notified Bloglines of the problem, and will update this post when I hear back. But I checked my blog’s original feed, and the Feedburner version. No spam there. The problem appears confined to Bloglines.

This royally peeves me. One of the great advantages to using feed readers is that it helps you avoid spam. Until now, there hasn’t been a way for someone to insert spam into a feed; the publisher alone controlled which content got syndicated, and how.

Whatever this problem is, I hope Bloglines solves it quick and permanently — or else expect a mass exodus of Bloglines users.

Stay tuned.

(Thanks to Average Jane for alerting me to this problem.)

10 thoughts on Spam in my feed… Ugh…

  1. It looks like the same viagra spam ended up in the feed data that was crawled (and cached) by Google Reader:

    http://www.google.com/reader/view/feed/http://feeds.feedburner.com/Contentious

    The fact that both Reader and Bloglines have the same data makes it less likely that it’s a bug in Bloglines. I’m guessing that your blog was somehow hacked. When looking at your feed:

    http://feeds.feedburner.com/Contentious

    I see the viagra links in there too.

  2. Mihai — thanks for helping me figure this out. The odd thing is, I can see the spam only in web-based feed readers (Bloglines and Google Reader). It doesn’t show up at all in Newsfire or Safari.

    I’ll need some help diagnosing and fixing this, but I’ve got some people I can call to help.

    Just when I was hoping to take the day off…. Sigh….

    – Amy Gahran

  3. It looks like the spam is in the original post too, you just can’t see it. However, if you do a view source and search for “viagra”, you will see (I’ve replaced angle brackets with square brackets to make sure the HTML is not interpreted):

    [p][font style="overflow: hidden; position: absolute; height: 0pt; width: 0pt"][br /]
    alternative impotence natural viagra [a href="http://www.industry.ucsb.edu/technology/blog/wp-includes/js/tinymce/themes/advanced/images/xp/1/index.html"]viagra[/a] viagra overdose[br /]
    free sample viagra uk [a href="http://www.industry.ucsb.edu/technology/blog/wp-includes/js/tinymce/themes/advanced/images/xp/1/buy-viagra.html"]buy viagra[/a] viagra patent[br /]

    I’m guessing you can see this in WordPress’s post editor too. The CSS that’s applied is stripped by web-based aggregators, which is why this is visible there. Desktop aggregators tend to leave CSS alone (since they have fewer security concerns), thus you don’t see it there.

  4. Pingback: contentious.com - Why blogging conferences is so damn hard

  5. I tried posting a comment to your Blog World post (recommending a bag) but when I hit post it said comments were closed. I just thought you’d closed comments. This would have been shortly after the post hit Google Reader for me as I had my unread count down to nothing yesterday.

    If you need a hand with the upgrade, let me know.

    – Neil.

  6. Neil — yes, come to think of it, I noticed that comments were set as closed on that post! I manually re-opened them when I saw it, and I figured I had just accidentally closed them. But it’s possible that could be related to this bug.

    I’m waiting to hear from my geek-on-call about the WordPress upgrade. But if he can’t do it right now, I appreciate your offer of help, and I’ll let you know.

    Thanks,

    – Amy

  7. Pingback: contentious.com - My blog got hacked, probably at Blogworld Expo

  8. Pingback: contentious.com - Spammer with a sense of humor

  9. Pingback: Wordpress & Spam at Journal of Crisology
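
A check a site owner could run over stored post bodies to catch the kind of hidden block described in comment 3, added here as an example that is not part of the original post or its comments: it reports links nested inside elements whose inline style hides them in a browser. The style patterns, the names `HiddenLinkScanner` and `find_hidden_links`, and the sample post are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Inline styles that hide content in a browser but not in a consumer that
# strips CSS. Assumed heuristic list, not exhaustive.
HIDING = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden|"
    r"(?<![\w-])(?:height|width|font-size)\s*:\s*0(?:\.0+)?(?![\d.])|"
    r"(?:left|top|text-indent)\s*:\s*-\d{3,}", re.I)
VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}
# Constructed sample modelled on comment 3; spam.example is a placeholder.
SAMPLE_POST = (
    '<p>Conference notes. <a href="http://example.org/expo">Expo</a></p>'
    '<p><font style="overflow: hidden; position: absolute; '
    'height: 0pt; width: 0pt"><br />'
    'filler <a href="http://spam.example/1/index.html">link one</a><br />'
    'filler <a href="http://spam.example/1/buy.html">link two</a><br /></font></p>')


class HiddenLinkScanner(HTMLParser):
    """Collect hrefs of links nested inside elements hidden by inline CSS."""
    def __init__(self):
        super().__init__()
        self.stack = []          # (tag, hidden_by_own_style) per open element
        self.hidden_links = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        hidden = bool(HIDING.search(attrs.get("style") or ""))
        if tag == "a" and attrs.get("href") and (
                hidden or any(h for _, h in self.stack)):
            self.hidden_links.append(attrs["href"])
        if tag not in VOID:      # void elements such as <br> never close
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag, tolerating unclosed children.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break


def find_hidden_links(post_html):
    scanner = HiddenLinkScanner()
    scanner.feed(post_html)
    scanner.close()
    return scanner.hidden_links
```

Calling `find_hidden_links(SAMPLE_POST)` returns only the two links inside the zero-sized `font` element; the visible link in the first paragraph is not reported.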
