A client asked me to check into a page on their web site that captures name and address registrations from users. The page is available to the public, and does not included a CAPTCHA. The form entries are saved into a database table, there were many entries clearly submitted by a bot over a period of time. Many of them had the address “3137 Laguna Street, San Francisco”, which presumably was just a piece of junk, the main prize was them adding a bunch of links off to dodgy web sites in a description field.
Out of idle curiosity I Googled the address. It’s a Chinese restaurant!
I bet the Syrian Electronic Army never leaves restaurant recommendations on the sites they attack 🙂
David Eedle 
Ha! Some spunk-monkey just used the same address when carpet bombing my site with hack attempts. My Google Fu technique brought me to your page. Thanks for posting.
I also has someone attempting to hack our website using this address. They didn’t manage to do anything but create 100 accounts using this address and different usernames that were trying to inject Javascript. Proud to say all attempts failed! Found your post while trying to find out who they might be.
3137 Laguna Street is the test address data used by Acunetix pen test software. Hackers are probably using a cracked version of that.
3137 Laguna Street is the test address data used by Acunetix pen test software. Hackers are probably using a cracked version of that.
Can those annoying injection attempts slow a shopping cart (shop) to a halt where it takes 15 seconds to open every page?
There are a bunch of things which could slow your site, need to look at the server, database etc etc and pin point the bottleneck.
Yep Accunetix. Their claim is that on-premises users can’t use the tool against your site unless it is cracked. I find that to be demonstrably false.