On Sun, Jan 24, 2016 at 3:23 PM, Alvaro Herrera
<alvherre@2ndquadrant.com> wrote:
> Keep in mind that our own MediaWiki installation has a custom auth
> system, using our community auth system. Which means that this wasn't a
> simple attack script for generic Mediawiki installations; if it was a
> script at all then it must have been tailored for our system somehow.
> Maybe part of it is scripted and the auth part requires a human to
> oversee.
>
> Either way, I concur that it's pretty scary.
I would assume it's some kind of affiliate system like the old
clickfraud schemes. Ever wonder what those "make money from home"
scammy ads were about? In the past they used to be pay-to-click
schemes where you got paid to go around clicking on ads. I bet they've
expanded to schemes where random people are paid for each link they
manage to put up somewhere on the internet.
--
greg