Hell hath no fury like a blog comment spam engine unleashed upon your site(s). Trust me, I know.
As I was digging through my comment spam, which now numbers in excess of 1,000 spam comments/day on my "Following the White Rabbit" blog, I noticed something. In the spam flood I would occasionally get an advertisement for the spam engine that created the mess. Interesting, I thought - let's see how bad this thing is. Little did I know that what I was investigating was one of the nastiest, ugliest things I've ever laid eyes on as a "good guy" in information security.
The tool is called "X-Rumer" and it's developed and maintained by a Russian Federation-based organization that is known as "BotMaster Labs" - a fitting name to be sure. X-Rumer is a highly effective tool which can very quickly overrun even the most hardy blogs, forums or other Web 2.0-style media sites.
What really started to open my eyes wide when I looked at X-Rumer 5.0 "Palladium" is the ability to breeze through CAPTCHAs... it's incredible how many different types of CAPTCHA systems this tool can break using its internal automation. Not only can it breach a CAPTCHA but also many of the more advanced pictocode types of systems (for example, identifying the picture of a non-smoking sign among other signs). Palladium treads the line of SPAM carefully by considering itself a "correct spam" engine - which is interesting enough in that it generates fake responses, and text for the links that it drops into comments and posts.
X-Rumer is an incredible feat of code development... and sadly it's not used for the good of mankind - but for other nefarious purposes... most commonly link-spam. You don't want to have to square off against a tool like this - because odds are you'll lose. The only effective tool against something like this is reCAPTCHA (but it's rumored that even that will be broken by the tool soon). Not only can this tool auto-register itself on sites where registration is necessary, but it's also content-sensitive! If your blog is about football, there are link-spam comments that are tailored to football, so evading spam-detection engines is almost a certainty.
If the forum has more than one category, the software chooses the one most suitable for the message, otherwise it sends the message to off-top, flame sections or the like, and in case those do not exist - to the most visited category on the forum. This juggernaut is impressive, for a piece of nasty software whose sole purpose is to spread links and ... spam... to the world of Web 2.0.
Why in the world would I write about it? Because you need to know what you're up against - and why your blogs and forums keep getting spammed even though you have registration turned on and human verification on too... you just can't stop a determined spammer... money continues to drive these people and until we (sheeple) stop clicking their links they'll continue to be at it.