WordPress Sites Targeted in World Cup-Themed Spam Scam

WordPress-powered websites are being targeted in a comment spam campaign designed to get users to click on links to sites offering betting services on the 2018 FIFA World Cup games. Security vendor Imperva recently observed a botnet spewing out meaningless text messages generated from a template to comments sections in blogs, news articles, and other sites that allow people to comment.

The spambot has been attempting to post comments to the same Uniform Resource Identifier (URI) across different WordPress sites indiscriminately and without regard for whether the site is vulnerable or even has a comments section.

Read more about the new spam campaign using a ‘spray & pray’ approach to post comments on WordPress powered blogs and forums on DarkReading.