If you have read any of our previous articles on Pligg Spam you will no doubt already be aware that Pligg has had more than it’s fair share of spam related problems in the past. Pligg webmasters now face a potentially devastating new threat in the guise of an fully automated Pligg Submission and Voting Spam Tool titled AutoPligg from syndk8.net. Whether you currently own or are simply pondering starting your very own pligg website you will want to read this article.

On the 23rd July the Pligg Demo website was hit with a new type of spam attack originating from a tool titled AutoPligg, AutoPligg automatically creates multiple user accounts, submits stories and then even votes upon those submitted stories from the multiple pligg accounts that it created. This is really bad as by voting upon the stories that AutoPligg submits to you pligg site AutoPligg also effectively promotes those spam entries to the main pligg homepage.

As you can see this tool is a nightmare for any pligg webmaster to defend against. with pligg failing to effectively deal with simpler forms of spam than AutoPligg this particular tool could cause a lot of problems for pligg site owners.

Below is how AutoPligg describes it’s product.

Register unlimited accounts, post as much stories as you want and even leave comments on those sites.

• High quality 1 way links to your website
• Automatically register for accounts. Even breaks CAPTCHAs!!
• Create UNLIMITED profiles and indentities
• Submit stories and comment to 1000′s of sites
• Automated pinging after each submission
• Stats to show succesful submissions
• Proxy support
• Increase your page ranking
• Tag friendly
• Flexible features
• FREE lifetime upgrades
• Access to the private forum
• Get indexed in less than 24 hours flat! (google)
• Get indexed in less than 48 hours flat! (yahoo)

Some of the more worrying features are Proxy support and Create UNLIMITED profiles and indentities.

We decided to digg a little deeper into AutoPligg.

The user name used for the attack at Pligg.com was “whadu” and searching google for “pligg whadu” returned some interesting results, whadu has been a busy bot.

We found a pligg site titled http://newstime.ro that has been hit by AutoPligg using the whadu user name, and as you will see the potential threat it poses to pligg webmasters is huge.

NewsTime Wahdu Profile Page http://newstime.ro/user.php?login=whadu

Home Page Of NewsTime http://newstime.ro/

120 submitted links 109 published.

NewsTime Fake Automated Voters

http://www.newstime.ro/story.php?title=Gears_of_War_2_GDC_Unreal_Tech_demo

You will notice that all stories on NewsTime have the same fake voters to gain promotion to the published section.

One pligg user pingskie has made a post in the pligg forums requesting a solution on how to block this tool, as yet their has been no reply you can read pingskie’s post here. It’s worth noting though that there is currently no solution to combat the AutoPligg tool at the moment, none of the available modules at pligg will work to defend your site as will none of the available hacks.

Due to an image (Shown Below) on the AutoPligg website we would strongly advise that you remove the “Powered By Pligg” text from the footer of your template, this is one of the methods described by AutoPLigg as to how to find Pligg sites with Google.

With the pligg project’s lack of development problems and general disarray this is the last type tool that they wanted or needed to see released, as for pligg users it’s just another thorn in the side that’s will most probably cause a vast majority of users problems at some point. If you like this article why not bookmark, share or digg it to let other pligg webmasters know about the existence of such a harmful tool.

The AutoPligg site has some videos available of the spam tool in action that you may want to watch.

Visit: AutoPligg

Big thanks to graphicsguru of FoxieWire for the tip off on this tool.

Update: Pligg users are reporting  that using reCaptcha may stop this threat but this still theory, without confirmation though we cannot say 100% whether reCpatcha will stop an AutoPligg attack we really hope it does. It would be advisable to enable reCaptcha as it’s a better option than the standard pligg captcha to begin with. It’s also worth noting however that reCpatcha is breakable in the past it was with the use of a perl based script, reCaptcha like an captcha based confirmation is not bulletproof although it is better than most.