WordPress Users, Check Your Registered User List

March 23, 2008

I recently got an email saying that I had a new user register here. Out of curiosity, I checked who it was, but neither the name nor the email was familiar to me. The username was alina77vere9uk and the email [email protected], which to me looked like the kind of email address that you'd see on a SPAM email, so I tossed it into Google to see what I'd find.

Sure enough, I'm not the only person who's had this user register. As pointed out over at the Cubelodyte's lair, this is most likely a bot that is registering on WordPress blogs all over the Internet, and while it's not posting any comments, it's highly likely that it'll release some kind of SPAM payload at a later date. So, if you see this user register on your WordPress blog, go ahead and delete them before the SPAM hits the fan.

UPDATE: The user joker says the following:

I really don't understand why people delete the account. I came up with what I think is a better solution than just deleting the account.

- I changed the password for that account.
- I made it so the user doesn't even have read rights. Thanks Role Manager.
- I changed almost everything about the user to indicate it is a spam account.
- I disabled the forgot password feature. Thanks WP-IDS.

That's actually a really good idea; keep the account active but disable it. That way the user can't be re-created. Crafty!
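
The four steps joker lists can also be done with WordPress core functions instead of the Role Manager and WP-IDS plugins he used. This is an added example, not code from the original post or from joker; the file location, the `quarantine_account()` name and the profile label text are assumptions.

```php
<?php
/**
 * Added example, not from the original post. Assumed to be saved as a
 * must-use plugin, e.g. wp-content/mu-plugins/quarantine-accounts.php.
 */

// Logins to keep registered but unusable (the username reported in the post).
const QUARANTINED_LOGINS = array( 'alina77vere9uk' );

/**
 * One-off lockdown of an account.
 * Returns true on success, false if the login does not exist.
 */
function quarantine_account( $login ) {
    $user = get_user_by( 'login', $login );
    if ( ! $user ) {
        return false;
    }

    // 1. Replace the password with a long random one that nobody records.
    wp_set_password( wp_generate_password( 64, true, true ), $user->ID );

    // 2. Strip every role so the account has no capabilities, not even "read".
    $user->set_role( '' );

    // 3. Label the profile so the account is obvious in the user list.
    wp_update_user( array(
        'ID'           => $user->ID,
        'display_name' => 'SPAM ACCOUNT (quarantined)',
        'description'  => 'Bot registration; kept to reserve the username.',
    ) );

    // End any sessions the account may already hold.
    WP_Session_Tokens::get_instance( $user->ID )->destroy_all();
    return true;
}

// 4. Refuse "lost password" requests for quarantined logins only,
//    leaving the feature working for every other user.
add_filter( 'allow_password_reset', function ( $allow, $user_id ) {
    $user = get_userdata( $user_id );
    if ( $user && in_array( $user->user_login, QUARANTINED_LOGINS, true ) ) {
        return false;
    }
    return $allow;
}, 10, 2 );
```

The filter applies on every request once the file is in place; `quarantine_account()` only needs to be called once per login by an administrator.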

