Someone listing themselves as "jonny" and leaving bogus gmail accounts has started dropping redirect scripts into my comment threads. Right now it just opens Google, but it could have been used to launch malicious code for all I know. I added a line to Pollxn that destroys script tags, and searched for the relevant comments, so it should be safe now.
Anyone else seen this kind of behavior pop up?
The scripts are hosted at usuc.us, which is listed as belonging to a James Sullivan living in Colorado Springs. He runs designcolorado.com--don't visit, it's a porn gateway. Looks pretty seedy to me. And now I'm paranoid about leaving security holes in Pollxn's code. I hate being paranoid.
So I did what everyone should do when a spammer is dumb enough to leave their tracks out in the open, and I called him. A woman answered the phone, said he's out of town until Thursday. I'll try again then, and ask him why he's trying to obstruct my content and mess with my server. I'm sure the answers will be enlightening.