I maintain a blog for a friend of mine. It’s basically an aggregater of videos from other embeddable video sites, and provides a way for users to comment on those videos. Not really high-value content, but it’s a suitable placeholder until we come up with a better concept for what to do with what is arguably a pretty-valuable domain name.
Commenting is open without registering … but for the most part commenting activity is very, very low.
Over the past week the site has seen a spike in WordPress new-user enrollment. These new users haven’t commented on any of the videos, or interacted with the site in any other noticeable way, but they’re all enrolling with .pl (Poland) email addresses, and not a single one of them has commented after enrolling. I also haven’t noticed anything in my analytics that leads me to believe this is due to a referral link.
So what gives?
Why would users register with a blog only to not do anything with that account? Has anybody had this experience with a coordinated wave of user-registrations that led to something malicious? I’ve locked down commenting so that they’ll only show up on the site after approval, but I’m just trying to plan ahead for what may be a coordinated attack, and would like to know if anybody has experienced this trend with sites they’ve operated.