Spammers “Cracking” Accounts on Blogger

10. September, 2007

There seems to be a recent increase in spammers “cracking” Blogger accounts and replacing the blogs with spam/porn/etc.

If you want to save yourself some hassle (like your boss asking why you advertise porn on your blog), here are a few tips:

  • Don’t blog while connected via WLAN.
  • Always log out after blogging.

If you have to blog via WLAN, always assume that everyone on this planet watches what you do. In our case here, the spammers don’t actually “crack” your account; they just copy the cookie which your browser uses to identify itself to the server.

Anyone who can present that cookie is “you”. So they listen for it when you talk to the server on a WLAN and, after you’re gone, they run a little script which deletes your blog and replaces it with spam. It takes a few seconds and is almost impossible to track down afterwards.
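
Why the “always log out” tip matters, as an added example (not code from this post and not Blogger's implementation): a minimal server-side session store in which the cookie value alone identifies the user, so a copy of it is accepted until the server forgets it. The SessionStore class, the 900-second idle timeout, the user names and the timestamps are all assumptions made up for the illustration.

```python
# Added illustration: a minimal server-side session store (hypothetical, not Blogger's code).
import secrets
import time


class SessionStore:
    """Maps opaque cookie values to users; the cookie alone is the credential."""

    def __init__(self, idle_timeout=900):
        self.idle_timeout = idle_timeout      # seconds of inactivity before expiry
        self._sessions = {}                   # token -> (user, last_seen)

    def login(self, user, now=None):
        token = secrets.token_urlsafe(32)     # value the browser stores as its cookie
        self._sessions[token] = (user, time.time() if now is None else now)
        return token

    def whoami(self, token, now=None):
        """Return the user a presented cookie maps to, or None if it is not valid."""
        now = time.time() if now is None else now
        entry = self._sessions.get(token)
        if entry is None:
            return None
        user, last_seen = entry
        if now - last_seen > self.idle_timeout:
            del self._sessions[token]         # stale session: drop it server-side
            return None
        self._sessions[token] = (user, now)   # sliding expiry: any use keeps it alive
        return user

    def logout(self, token):
        """Server-side invalidation: every copy of the cookie stops working."""
        self._sessions.pop(token, None)


def demo():
    store = SessionStore(idle_timeout=900)
    cookie = store.login("alice", now=0)      # constructed user and timestamps
    copied = cookie                           # same bytes, held by someone else
    results = {"copy_while_logged_in": store.whoami(copied, now=60)}
    # Closing the browser without logging out leaves the session alive on the server.
    results["copy_after_tab_closed"] = store.whoami(copied, now=120)
    store.logout(cookie)
    results["copy_after_logout"] = store.whoami(copied, now=180)
    # Without a logout, only the idle timeout ends the session.
    other = store.login("bob", now=0)
    results["copy_after_idle_timeout"] = store.whoami(other, now=901)
    return results


if __name__ == "__main__":
    print(demo())
```

The tip only helps when logging out removes the session on the server as this model does; a logout that merely deletes the cookie from your own browser leaves any copy valid until the session expires.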

If you want to be safe, don’t use hotspots to connect to the internet. If you have to, you must set up a VPN; otherwise it’s just a matter of time until your blog is “cracked”.