Silent noise - about spam, trojans and other nasty stuff

Just cutting and pasting (and editing slightly) from http://matchent.wordpress.com/2009/12/24/matchent-com-hacked/ .
I'm still not quite sure how they got in.
It has probably more to do with my skills than any holes in Drupal.

A shell (GNY.Shell - findex.php) and a proxy (proxy.php) was uploaded, but where the weakness was (is?) is not known to me.

I would not be very much surprised if this turned out to be a part of the christmas hacking at evilzone.org.

So someone succeeded in creating the user "Administrator" on this blog a couple of hours ago.
And I have no idea how. Only a user with admin rights is allowed to create new users.
Giving an email address is a part of the routine when creating a new user. It was not done when creating this user.
Apparently no harm done. The role the user was assigned was not as an administrator, but an ordinary user with almost no rights at all.
Could have tampered with some comments, but did not.

And I still have no clue how this was done.

Came from the IP 72.167.232.86.

I wonder about the quality of the Viral Spiral idiots records:

Our records indicate you may be struggling to make your
mortgage payments, and may be falling behind on your payments.
If your income has dropped or you have another hardship that is
causing you financial difficulty, we may be able to help you get
financial relief from your home loan lender. Complete the form
to get a free financial evaluation to determine if you qualify
for payment relief.  I look forward to working with you

With a link to bratchaeal. com.

I've been wondering a bit about the mails I get from girls who'd like to meet me. The ones from Eastern Europe dominate.

I got an email from Africa a couple of days ago (I think) and some of the content went like this:

ADD my yahoo id below to your yahoo messenger and lets chat and please respect your respect as you come.

Somewhat later followed by:

Fresh in one of my inboxes:

You have received this e-mail because of the launching of State Vaccination H1N1 Program.
You need to create your personal H1N1 (swine flu) Vaccination Profile on the cdc.gov website. The Vaccination is not obligatory, but every person that has reached the age of 18 has to have his personal Vaccination Profile on the cdc.gov site. This profile has to be created both for the vaccinated people and the not-vaccinated ones. This profile is used for the registering system of vaccinated and not-vaccinated people.

When botnetters get lazy, get hit by Alzheimer or whatever:

Partially not worksafe, especially the index page or if you try to join.
tour1.html should be safe. Until someone changes the link to the pictures.

Part of this botnet:
http://dnsbl.abuse.ch/fastfluxtracker.php?domainid=534
(young-in-mature.com/tour1.html)