Hacker Alert for Webmasters

If the name Jim Rhodes and the company name deadlock Design ring a bell, you may be one of maybe thousands of webmasters who installed Jim’s free Refer Me script. Written in Perl, it’s a basic cgi script which visitors invoke to recommend your website to their friends.

The Disclaimer. Like most freeware it came with a disclaimer: “deadlock Design accepts no responsibility for consequences arising from use of this script.” This time, the disclaimer was necessary. Yesterday, a copy of the script was hacked by a SPAMmer who used it to relay thousands of advertising emails to AOL accounts.

The Damage.  The least of the damage was the hundreds of delivery failure notifications resulting from SPAM to closed, blocked or nonexistent accounts. The worst was AOL’s pre-emptive and unilateral blocking of all email originating from my service. Hopefully, it’s a one day block that will expire and not require explanations and negotiations.

An Alternative.  I don’t blame Jim or his circa 1997 script, written in simpler times. I blame myself for forgetting to replace that old script. A word to the wise. A more secure, freeware alternative from a source that continues to write and upgrade scripts is William Bontrager’s Master Recommend V3. Naturally, I accept no responsibility for consequences arising from use of his script.


Leave a Reply

Your email address will not be published. Required fields are marked *