

Check out this hacker sting - poetry in motion - farms
http://wpmu.org/a-potential-email-attack-all-wordpress-developers-and-users-should-know-about/

======
lionyo
Amusing. Reminds me of how Garry's Mod deliberately enabled an error to shamed
pirates looking for help: it would throw an error code that was the user's
steamid :)

[http://www.gamepron.com/news/2011/04/12/garrys-mod-
catches-p...](http://www.gamepron.com/news/2011/04/12/garrys-mod-catches-
pirates-the-fun-way/)

------
brador
How did they extract such extensive information about him if he was just using
a WP plugin?

~~~
tripzilch
I'm assuming the blog the kid used the plugin on had all sorts of info and
links to his Twitter account, etc.

They left in his real name in one of the screenshots BTW.

IMO it's quite an entertaining SocEng attack. And he just wanted to get the
latest version of a commercial WP plugin! hahaha! I was kind of expecting
something more malicious: I thought either the source file he requested
contained login credentials or other sensitive info, or he was going to send
back a "patched" version with a backdoor in it.

Odd, how he went through all that trouble. Anyone know what the plugin does
BTW? I haven't looked, is it that good? :)

~~~
brador
Some people just REALLY hate paying for software. I've had users trying to get
a discount on a $3 product because they saw a "enter promo code" box (for
giving out free betas) on the payment page.

Of course, I removed the box :)

------
dramaticus3
So security minded they're using GPG, no wait ...

