My posts about WordPress spambot registration have generated a surprising amount of traffic to this site. While few, if any, of those visitors are actually hanging around after the fact, I’m getting enough hits that I figure I’m doing the WP community some tiny bit of good by raising what alarm I can.

Today’s bot registered with a name of jacob73kolp and an e-mail address of jacobkolp@gmail.com.

This brings the total of known bots to five:

• adol77dai51
• alina77vere9uk
• ralyjones25
• ken75muraski
• jacob73kolp

It looks like I also found a CAPTCHA plugin that will work better than Skullbit’s, which worked only briefly on the test server and then simply refused to function properly thereafter. Hopefully this new one’ll be enough to keep the bots out.

The captcha plugin isn’t working correctly. At least two people have notified me that it consistently fails to process the string displayed in the image, and I’ve reproduced the problem. So if you’d tried to register to comment on the last spambot-related post, sorry about that!

The plugin is disabled until I can figure out what’s wrong with the thing. It’s always gotta be something…

The third time is supposed to be the charm, but it took four for me. Another bogus user, “ ken75muraski“, with the address “muraskiken@gmail.com”, registered last night, and didn’t post a comment. Same pattern of firsnameNumberLastname, associated with a Gmail address. ¡Adios, puto!

A quick Google search returns (at the time I write this) less than a dozen results, but, as before, the sites returned mostly disparate WordPress blogs. Some of the results mention more than one bot, which alone is not necessarily damning, but certainly threw another flag.

Jan 2, 2008 … Contributors. alina77vere9uk; ken75muraski; poorplayer; ralyjones25. Popular. Theatre Blogroll. Theatre Ideas. May 2008. M, T, W, T, F, S, S …

That makes four iterations of the bot that have registered:

• adol77dai51
• alina77vere9uk
• ralyjones25
• ken75muraski

As of lunchtime today, I’ve got a captcha system in place, so hopefully this’ll keep the phony registrations at bay for a while. The captcha images aren’t the best in the world, being rather easy to analyze for those apps that do that sort of thing, but hopefully they’re good enough to screen out the bots. Or this bot, anyway.

Spambot ahoy! This morning a new user account by the name of ralyjones25 was registered, with an e-mail address of raly.jones@gmail.com. Like its immediate predecessors, a quick Google search of that username returned over a couple thousand results, all of them from forum or blog user lists.

Looks like adding a captcha feature to your WordPress blog is probably a pretty good idea at this point. Register Plus is the only plugin I found that states it’s WP 2.5-compatible (there’s no mention of this on the author’s page, but the readme file in the download mentions 2.5 as well). If this “user” shows up on your blog, you’d do well to remove it.

It looks like whoever created the spambot known as adol77dai51 is at it again; a new out-of-the-blue, non-posting user account “alina77vere9uk” just got created today, with an email address of alina77vere@gmail.com.

A Google search of the name currently returns only 9 results, but they are just as disparate as their predecessor, appearing on English-, Chinese-, and Spanish-language sites. The naming convention is undeniably similar. While I am pressed to find any significant number of posts from the previous iteration, it seems clear someone is going to throw the switch one day and a whole lot of WordPress blogs are going to sink under the weight of spam posts from “registered users”.

Do yourself a favor and delete this “user” if it shows up on your own WordPress blog, just to be on the safe side.

After considerable (read: far more than was necessary) thought, I’ve decided to rename the Cubicle Life category Cubicle & Campus to better reflect the work environment I’ve been in for over a year now.

Not that blog taxonomy, much less this site’s, is interesting to anybody, but there it is anyway.