The BullGuard products and services are part of NortonLifeLock Inc., a global leader in consumer Cyber Safety with a portofolio of brands including Norton, Avira and more. Learn more at

Malware and spam in blogs



Malware and spam in blogs




Whatever attracts us on the Internet also attracts malware. So as blogs (short for web logs) became popular by 2003, spammers and hackers discovered new possibilities to spread spam and malware.



Blog spam (also called comment spam or spomments) is created by automatically posting random comments or promoting commercial services in the comment section of blogs, as well as in guestbooks, wikis, or other publicly accessible online discussion boards. Any web application that displays hyperlinks submitted by visitors is a potential target.

The goal of the spammer is to add links across the web that point to his website, thus artificially increasing that site's search engine ranking and the number of potential visitors and paying customers. This type of spam originally appeared in Internet guestbooks, where spammers repeatedly filled guestbooks with links to their own website and no relevant comment.




Most blog spam falls into one of three categories:

Comment spam - unsolicited and mostly unrelated comment on a blog that advertises a product or a website. Some of it might be added manually by a person to a particular blog entry, but most comment spam comes from scripts that can add many comments automatically to one post or many posts simultaneously.


Trackback spam - spammers develop scripts that use blog software's trackback features to automatically place spam on different blogs.

Spam blog (or splog) - a blog created for no other purpose than to advertise products or point visitors to various websites. Though ignored by most people, these blogs pollute the results of search engines that index websites.

Blogs hosting malware
Apart from spam, blogs are also becoming a means of spreading malicious code and keylogging software. Blogs are an obvious backdoor opportunity for unknown exploits to invade legitimate sites.

According to a report from March 2011, more than one million websites were believed to be infected with malware in the fourth quarter of 2010, nearly double compared to the previous year. The year 2010 also saw various variants of the computer virus Liza Moon using blogs to spread. Liza Moon has affected more than 4 million website, according to a recent report by The virus, named after the website that discovered it, was first reported on March 29 2010, with the first confirmed attack taking place in December 2010.

The virus infects computers by injecting malicious SQL codes on a website and redirects users to another website containing a Trojan. Users are then told their computers are infected by a computer virus and are prompted to download an anti virus software called Windows Stability Centre, the report stated.



As a blogger, you have several ways of preventing spam comments: from verification text boxes which require human action (such as typing the letters displayed in a picture) to dedicated prevention tools - such as Akismet for Wordpress. You can prevent more serious attacks to the blog structure by keeping your blog platform updated (just like you would do with your operating system).


If you don’t have one yourself, but like to read other peoples blogs, you can stay safe by having active and updated internet security software on your PC at all times.

Was this article helpful?