Possible Exploit Pack Attack on Multiple Websites with Plone

TOKYO (MacHouse) - What is Plone? According to the Plone Foundation (http://plone.org/), it's an open-source content management system that works on different operating systems including Windows, Mac and Linux. (Screenshot 01 shows the index page of Plone's website.) Don't ask us any questions about Plone. We learnt about its existence just about 90 minutes ago.
Screenshot 01 - Source: Plone Foundation
So why are we talking about Plone? An organized criminal group appears to have exploited more than a dozen websites. There are two common characteristics in the way they have been exploited. No. 1, Plone is installed at these websites. No. 2, as shown in Screenshots 01-3, the same web content is posted at the exploited websites.
Screenshot 02 - Source: Appalachian State University
Screenshot 03 - Source: University of California at Davis
Screenshot 04 - Source: University of North Carolina at Chapel Hill
The following is a list of Plone websites that are systematically exploited.
Just as with other systematically exploited website management packages, a major problem with Plone is that it uses a common folder. The Plone websites mentioned above all share the same folder name, which is Members. Because of this common folder name, exploiters will have little trouble locating Plone websites with a search engine like Google.
Screenshot 05 - Source: hqhost.net
Let's see quickly who is behind this systematic Plone exploitation. All spam posts point to the domain rvusvktopyblya.com. The server hosting a website at this domain is traced to the IP address 88.214.202.5. This IP address is allocated to a notorious organization called Real International Business Corp, which is known to be behind many scam websites. Interestingly, if you access the domain rvusvktopyblya.com with a web browser, you will be instantly redirected to a website at hqhost.net. (See Screenshot 05.) This website is known to distribute computer viruses.
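The post gives two concrete facts a site owner can act on: the spam content lives under the shared Members folder, and every spam post links to rvusvktopyblya.com (which redirects to hqhost.net, hosted at 88.214.202.5). The following is an added example, not code from the post or from the Plone project, that audits pages under your own site's Members folder for links to those indicators. The pages are constructed samples embedded inline; in a real audit you would fetch each Members page yourself (for example with urllib) and pass the HTML to the same functions.

```python
"""Audit pages from a Plone site's Members folder for injected spam links.

Added example, not from the original post. Indicator values come from the
post itself; the HTML pages below are constructed samples, not real content.
"""
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Indicators named in the post: the spam landing domain, the domain it
# redirects to, and the IP address hosting the landing domain.
SPAM_DOMAINS = {"rvusvktopyblya.com", "hqhost.net"}
SPAM_IPS = {"88.214.202.5"}

# Tags whose href/src can carry an injected outbound reference.
_LINK_ATTRS = {"a": "href", "iframe": "src", "script": "src", "img": "src"}


class _LinkCollector(HTMLParser):
    """Collect every href/src value from the tags in _LINK_ATTRS."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        wanted = _LINK_ATTRS.get(tag)
        if wanted is None:
            return
        for name, value in attrs:
            if name == wanted and value:
                self.links.append(value)


def _host(url):
    """Return the lowercased host of a URL, or '' for relative links."""
    return (urlsplit(url).hostname or "").lower()


def _is_indicator(host, domains, ips):
    """True if host is a listed IP, a listed domain, or a subdomain of one."""
    if host in ips:
        return True
    return any(host == d or host.endswith("." + d) for d in domains)


def find_spam_links(html, domains=SPAM_DOMAINS, ips=SPAM_IPS):
    """Return the link values in html that point at a known indicator."""
    collector = _LinkCollector()
    collector.feed(html)
    return [u for u in collector.links if _is_indicator(_host(u), domains, ips)]


def audit(pages, domains=SPAM_DOMAINS, ips=SPAM_IPS):
    """Map each page path to its offending links; clean pages are omitted."""
    findings = {}
    for path, html in pages.items():
        hits = find_spam_links(html, domains, ips)
        if hits:
            findings[path] = hits
    return findings


# Constructed sample pages keyed by their path under the Members folder.
SAMPLE_PAGES = {
    "/Members/jdoe": (
        "<html><body><p>Hi, I'm a student.</p>"
        "<a href='http://rvusvktopyblya.com/buy'>cheap meds</a></body></html>"
    ),
    "/Members/asmith": (
        "<html><body><a href='/Members/asmith/photo.jpg'>my photo</a>"
        "<img src='/Members/asmith/photo.jpg'></body></html>"
    ),
    "/Members/bwong": (
        "<html><body><iframe src='http://www.hqhost.net/x'></iframe>"
        "<script src='http://88.214.202.5/a.js'></script></body></html>"
    ),
}

if __name__ == "__main__":
    for path, hits in audit(SAMPLE_PAGES).items():
        print(path)
        for link in hits:
            print("  ->", link)
```

Matching on the parsed host rather than on a substring of the URL avoids false positives from query strings or paths that merely mention the domain, and the subdomain check catches variants such as www.hqhost.net. The indicator sets are ordinary Python sets, so they can be extended as new spam domains turn up in your own logs.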
********** ********** ********** ********** ********** ********** ********** **********
MacHouse is not funded by taxpayers' money. We have limited resources. We also need time to sleep and eat, just as others do. So we will not act as the international police and contact all victims of website abuse. All you have to do is subscribe to spam messages and spam posts. If we can, why don't you?

February 8th, 2009 at 7:24 pm
Those sites are likely running very old versions of Plone. Unless I’m mistaken, these sites are victims of this:
http://plone.org/products/plone/security/advisories/non-image-member-portraits
Notice how this was fixed in 2006.
Plone has the best track record of any major open source CMS, and an overview of some of the things that we protect you against can be found here:
http://plone.org/products/plone/security/overview
Let me know if you have any other questions.
PS: Your comment form breaks in newer versions of Safari; I had to submit this twice, using Firefox the second time.
[Edited by Administrator to neutralize the HTTP protocol]
February 8th, 2009 at 11:04 pm
Thank you for your tips, Mr. Limi. And thanks for reminding us that the comment form might be dysfunctional with Safari.
February 11th, 2009 at 6:30 pm
I tested it myself. The comment function is actually compatible with the Mac version of Safari 3.2.1.