December 11th, 2004
I got more of these casino comments spam in the last 3 hours. This time the tactic is a bit different – using a bug in my Drupal for Bloggers where I forgot to check for empty captcha to get their comment spam through. Like the last time, it comes from different IP addresses and the referer has also disappeared. So the best guess is that it is embedded in some casino software which then invoke the browser to spam.
While the last attack has incomplete comments body, this time it post with complete sentence except the URL points to an non-existence host. Looks like their tool is still work-in-progress: the bad news is they seem to use my site as a development kit :P
ps: In particularly, they are attacking my entry on captcha for movabletype.