Readers Behaving Badly – The WordPress Joe Job

  


A Joe Job is when users of a site are sent spoofed e-mails. These e-mails are filled with all kinds of spam and are intended to tarnish and permanently damage the reputation of the site’s owner. Readers who receive such e-mails can e-mail back, report the site to spam authorities, and even launch their own attacks.

As a WordPress plugin and theme author, it is scary to know that most WordPress blogs can easily be victims of such Joe Jobs. All a plugin or theme author would have to do is build in some kind of back door. If a popular enough site has the plugin or theme installed (and the author is malicious enough), the author can execute the code remotely and all hell can break loose.

Do you think this scenario is too unrealistic? It’s already happened on a large scale with WordPress 2.1.1 (although no damage really occurred).

Here’s what a modern-day WordPress Joe Job would look like.

User Installs Theme or Plugin With Malicious Code

When the plugin or theme is activated, the author of the malicious code is e-mailed. Obviously if the author knew what they were doing, none of this would be traceable.

Since the author is e-mailed, the author knows exactly which blogs have his/her code ready to be executed.

Author Runs Malicious Code on User’s Site

The author then runs the code on the user’s site. The author is sent the e-mail address of every commenter the site has ever had.

Armed with e-mail addresses, the author is ready to start the Joe Job.

Readers Are Sent Spoofed E-mails

A highly targeted spam campaign is waged against the readers of the user’s site. The user’s return e-mail address is used, and readers are more than happy to express their dissatisfaction.

Readers send in e-mails wondering what is going on, feed subscribers unsubscribe, and the readers start leaving nasty comments. Readers who have blogs begin to blog about this user in a very negative way.

The user has no idea what has happened and what the cause is. And the author of the malicious code is just lurking in the background as the readers of the site rebel.

Far-Fetched Scenario?

Hardly. When was the last time you checked the code of your plugins or themes? You never know what you might find and how trustworthy the plugin or theme author really is.

Fortunately the WordPress community is very vigilant and something like this wouldn’t last long. But it is always a good idea to make sure the plugins or themes you install are legit.

A Joe Job can be devastating for any site, but a Joe Job targeted at a site’s readers can be even more so.
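
One way to start checking the code of your plugins and themes, as asked above, is a quick heuristic scan for the behaviours in this scenario: an e-mail sent on activation and commenter addresses leaving the site. This is an added example, not code from the original article; the rule names, verdict labels, sample plugin and the example.invalid address are constructed, while the PHP and WordPress function names in the patterns are real.

```python
import re
from pathlib import Path

# Heuristics for the behaviours in the article; a hit means "read this code", not proof.
RULES = {
    "activation-hook": re.compile(r"\b(register_activation_hook|after_switch_theme)\b"),
    "sends-mail": re.compile(r"\b(wp_mail|mail)\s*\("),
    "commenter-email": re.compile(r"\bcomment_author_email\b"),
    "remote-request": re.compile(r"\b(wp_remote_post|wp_remote_get|curl_exec|fsockopen)\s*\("),
    "dynamic-code": re.compile(r"\b(eval|create_function)\s*\("),
}
# Rule combinations that correspond to one step of the scenario.
COMBOS = {
    "phones home on activation": {"activation-hook", "sends-mail"},
    "mails out commenter addresses": {"commenter-email", "sends-mail"},
    "posts commenter addresses to a remote host": {"commenter-email", "remote-request"},
}

def scan_source(php):
    """Return (line_number, rule_name, stripped_line) for each rule hit."""
    return [(number, name, line.strip())
            for number, line in enumerate(php.splitlines(), start=1)
            for name, pattern in RULES.items() if pattern.search(line)]

def verdicts(hits):
    """Name the scenario steps whose rules all fired in one file."""
    fired = {name for _, name, _ in hits}
    found = [label for label, needed in COMBOS.items() if needed <= fired]
    if "dynamic-code" in fired:
        found.append("runs code built at run time")
    return found

def scan_tree(root):
    """Scan every .php file under root; return {path: (hits, verdicts)} for files with hits."""
    report = {}
    for path in sorted(Path(root).rglob("*.php")):
        hits = scan_source(path.read_text(errors="replace"))
        if hits:
            report[str(path)] = (hits, verdicts(hits))
    return report

# Constructed sample resembling the scenario; not taken from any real plugin.
SAMPLE = """<?php
register_activation_hook(__FILE__, 'demo_activate');
function demo_activate() { wp_mail('author@example.invalid', 'installed', home_url()); }
"""

if __name__ == "__main__":
    print(scan_source(SAMPLE), verdicts(scan_source(SAMPLE)))
```

Point `scan_tree` at a copy of `wp-content/plugins` or `wp-content/themes`; many legitimate plugins send mail or make remote requests, so treat each verdict as a pointer to the lines worth reading by hand.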


3 Comments on “Readers Behaving Badly – The WordPress Joe Job”

  1. Bloggers beware indeed.

    Hey, when did you add those stylish new social networking buttons at the end of the post? Very neat.

  2. Vivien,

    I added them about a month ago I believe. I wrote a post on Devlounge about the social bookmarking icon site I got them from.

  3. I never know what you might find and how trustworthy the plugin or theme author really is. Fortunately the WordPress community is very vigilant and something like this wouldn’t last long. Thank you for sharing.
