Someone posts false comments like "what?" or "wow"

  • This month I found that someone started posting comments using my name (the comments show my gravatar) and my site name: muzycznekalendarium.wordpress.com on various WordPress blogs. Usually the comments are only one word like “What?” or “Wow”. I am on the free plan with only Jetpack preinstalled (I have not installed any plugin) and I cannot understand how someone could get into my site. I use a theme found in the WordPress.com gallery (Grisaille). I am the only user on this site. I changed my passwords, set two way verification, disabled trackbacks, pingbacks and comments but still I can see my name appearing on various sites commenting on articles I never read. I don’t know what else I can do as the site is governed by wordpress.com. Any help is appreciated.

    Thanks in advance,
    Jacek


  • Hi Jacek –

    I’m happy to take a look at this. Could you please share some examples with me here? Thanks.

    You’ve done the right thing by changing passwords and enabling 2 factor authorization on your accounts. Be sure you’ve done that for your email account as well.

  • I cannot place the links here and reply to your post. I don’t know why?

  • Hi,

    These are the links to the sites where the comments were made:

    Money and Photography
    https://antarcticadaily.wordpress.com/2016/11/20/mars-turns-blue-after-casey-neistat-ends-the-vlog/
    Rebirth of the Strongest Female Emperor – 29
    Criminals use IRS website to steal data of 104,000 people
    https://hardtimesministries.wordpress.com/2018/05/07/house-of-god/

  • Some of them:
    olafphotoblog.com (post “Money and Photography”)
    antarcticadaily.wordpress.com (post “Mars turns blue after Casey Neistat ends the vlog”)
    cherryclannovels.wordpress.com (post “Rebirth of the strongest female emperor”)

  • antarcticadaily.wordpress.com (post “Mars turns blue after Casey Neistat ends the vlog”)

  • That’s an odd one. I can’t speak for the sites not hosted here, but if they’re commenting on a WordPress.com blog with your name, they would have to be logged in as you.

    Is there any chance you’ve stayed logged in on a public (or shared) computer? You might consider changing your password.

  • I can’t speak for the sites not hosted here

    Well, my blog is hosted here on wordpress.com. I guess it can be some kind of XSS vulnerability (maybe concerning the Grisaille theme). I have never used a public or shared computer to get to my WordPress sites (I’ve got two sites). After I had changed my password and set 2 step verification, I still could see one or two comments with my name published.

    I think it is not someone doing it manually but it is rather some script attacking comment sections of other people’s blogs. When they hit reply or click on it, it could inject some JavaScript into their files. I cannot check my files as they are hosted on wordpress.com and I am on a free plan.

    I have been checking the “my comments” section from time to time and I have to acknowledge that the spamming somehow stopped but it still makes me annoyed how this could happen.

  • Hi there,

    The self-hosted site (olafphotoblog.com) is using Jetpack comments and therefore if someone was logged in to your WordPress.com account, they could leave a comment there.

    Since I don’t see any other login attempts or password changes other than yours (last week), can you please check your browser for any malevolent extensions and also run a malware scan on your computer to make sure it’s not something on your end?

    For malware and adware scans I recommend a free solution like Malwarebytes and AdwCleaner:


  • Hi fstat,

    I checked my system with Malwarebytes and the results are fine. The system is perfectly clean. Can you check my files on your end?

  • There is no malware on your WordPress.com site – the type of code that is used to write malware cannot even be added to a WordPress.com site, but is deleted automatically if someone tries to add it to a post, page or widget – and we scan all content added to WordPress.com sites constantly just to be safe.

    This also isn’t an issue with your site, but with your account being used to leave comments, and the only way this could happen is if someone else were able to log into your WordPress.com account when leaving those comments.

    I see you updated your password a few days ago. Has this happened again since you did that?

    I’ve force-logged out your account from all locations where it might be logged in. Please log back in and update your password again. If this happens again, please comment with a link to the post where the comment appeared.

  • I see you updated your password a few days ago. Has this happened again since you did that?

    The latest false comments I could observe were made a week ago so I hope they are the remnants of this unpleasant situation. I scanned my office PC with Malwarebytes to find some trojan located in Piriform’s CCleaner. This could be the source of my problems with hacked comments.

    Thank you very much for your help. Force-logging out was the best idea. I know I am still going to receive replies to my earlier false comments but I hope my site is safe again.

  • It sounds like there haven’t been any further comments since @kokkieh force-logged out your account and Malwarebytes has been run on your PC. Trojans can leak information so it is possible they are the source of the problem but please send a link to the post if it happens again.

  • The topic ‘Someone posts false comments like "what?" or "wow"’ is closed to new replies.