Suspected 360 Website Scanner Triggered Simulated Attack on My Blog

After disabling Duoshuo last week and switching to WordPress's built-in comments, I suddenly encountered a surge of spam comments and continuous injection attempts. Fortunately, WordPress's security held firm, rendering the injection attacks completely ineffective.

The attacker used the nickname "8888" and the email "hacker@hacker.org". The attack lasted for over half an hour, resulting in more than 50 spam comments, all of which were injection attempts. Initially, I suspected a human attacker and blocked the IP address, which immediately stopped the attack.
Later, after communicating with other users, I discovered that this was not an isolated incident. Many others had experienced similar phenomena. Some friends suggested it was a simulated attack by 360 to test for website vulnerabilities. I checked the 360 Webmaster Tools and confirmed that the detection time perfectly matched the attack timeline, making it highly likely that 360 was responsible.
However, a question remains: 360 claimed the website scan took only about 4 minutes, yet the simulated attack lasted over half an hour (it stopped only after I blocked the IP; I don't know how long it would have continued otherwise). What is the point of this? Moreover, 360 did not notify me that a simulated attack was conducted on my site, which feels highly unethical. Could this be a deliberate tactic by 360 to encourage users to purchase their "Website Guardian" service?
If you encounter similar situations, I recommend taking immediate protective measures. Please refer to the article: How to Effectively Stop WordPress Spam Comments.