Forgot your password?
typodupeerror

BlueSecurity Database Compromised? 375

Posted by Hemos
from the bad-news dept.
EElyn writes "Numerous users of Blue Security's anti-spam system now report of a new form of aggressive spam. An unknown group of spammers claim to have derived a way to extract the member email addresses of Blue Security group's anti-spam system, called Blue Frog. Blue Frog, a small tool which once installed on the user's computer, enables Blue Security to systematically flood a known spammer's website with opt-out messages; much to the headache of the spammer. Tens of thousands of users have already signed up, so can it really be true that spammers now possess this database? Or is this yet another frail attempt by spammers to intimidate the user?" Another reader sent the text of the letter; read more to see.

Stray1 writes ""You are recieving this email because you are a member of BlueSecurity...." An email from unknown detractors has taken the Bluesecurity anti spam lists and decided to take matters into their own hands. I recieved this Email from an anonymous, and garbled host, which went on to say in not so fantastic english that I, as a Blusecurity member, would recieve this and many more (about 20 -30) spam messages a day until I left the blue security community. Blue Security, (www.bluesecurity.com)a website and community designed to lessen your Spam Email, is down for the moment. Is this what we have come to? Spam,(erm 'high volume email') companys holding your address hostage until you comply? "...We mightve had your email addresses before in our lists, but now, we are targetting YOU, because YOU are a bluesecurity user". I have to say, up until this point, my spam was down by about 70% to 80%."

This discussion has been archived. No new comments can be posted.

BlueSecurity Database Compromised?

Comments Filter:
  • Eye for an Eye? (Score:2, Insightful)

    by Anonymous Coward
    Blue Security to systematically flood a known spammer's website with opt-out messages; much to the headache of the spammer.

    And by flood I taeke it you mean spam

    When will the world learn, violence begets violence and spam begets spam. Lets find a real solution to the problem rahter then a vigalante justice.
    • Re:Eye for an Eye? (Score:4, Insightful)

      by Fordiman (689627) * <fordimanNO@SPAMgmail.com> on Tuesday May 02, 2006 @10:56AM (#15245358) Homepage Journal
      Blah blah blah.

      'Vigilante' would imply something illegal is going on. This is market forces at work - more effective, generally, than government intervention.
    • Re:Eye for an Eye? (Score:5, Interesting)

      by ScentCone (795499) on Tuesday May 02, 2006 @11:09AM (#15245506)
      When will the world learn, violence begets violence and spam begets spam. Lets find a real solution to the problem rahter then a vigalante justice.

      Actually, I've found that things some people think are unfortunate or bad beget shallow, empty platitudes.

      Sometimes, violence simply ends violence, because there is no other way. Sometimes, fighting fire with fire is the best way. Sometimes showing someone what it's like to suffer the consequences of their own actions actually changes their behavior.

      I'm all for as many technical approaches as possible, but finding "a real solution to the problem" that doesn't involve some degree of making this painful/costly for the spammers simply isn't going to work. Even if, through filtering, you can get 99% of the stuff blocked, all they have to do is increase the volume that much more to make that remaining 1% still pay off. Remember, they're not paying for their own overhead most of the time.

      Your "real solution" comment, in the context of "violence only begets violence" is completely tone deaf. You're applying Israeli-Palestinian-conflict-type babble to a completely different situation. The spammers are not oppressed, or the victims of some historical violent wrong... they're a parasitic, bandwidth sucking plague. Any means by which we can stop them is called for. Surely you don't think that you're going to just turn the other Bayesian Filter Cheek, or write a Korea-bound, thought-provoking appeal to integrity and expect the onslaught to stop? Tempting as it is, no one is suggesting actual violence - just a substantial response in kind, only when provoked. It's called self defense, and it's an appropriate measure because it only happens when an illegal spammer causes it to happen.

      How fortunate for you that you've never had anything violent threaten you, requiring you to offer up a physical deterrent to stop it. If you had, you might rethink your metaphors.
    • Re:Eye for an Eye? (Score:3, Insightful)

      by suv4x4 (956391)
      When will the world learn, violence begets violence and spam begets spam. Lets find a real solution to the problem rahter then a vigalante justice.

      Naaah, let's just spam the bastards 'till they're blue. If I got a blackmail message like that, I'd change my e-mail (I know it'as not easy but it isn't THAT hard too) and setup a friggin server cluster to spam the spammers.

      It's the war against spam people, if you're not with us... you're funding spam activities, there we go.

    • Its more than that (Score:2, Interesting)

      by Lanoitarus (732808)
      ...blue security takes another step, besides re-spamming the spammers sites. They also directly contact every advertiser featured in spam, asking them to stop paying these spammers because they sent emails to X number of users who arent interested. It may not be very effective, who knows. But its a great idea. If companies stopped paying for spam, it would sure dry up pretty fast, and the companies care allot more about the customers than the spammers. Im sure at least *some* companies genuinely dont even r
    • Whenever anyone says "violence never solves anything" I always remember the part in Starship Troopers where the History and Moral Philosophy teacher says "Perhaps you could tell that to the Carthagians..."
    • > When will the world learn, violence begets violence

      What a load of hippie crap. Next thing you will probably move on to even more idiotic bumpersticker philosophy like "violence never solved anything."

      Learn the difference between initiating force and resisting it. One is perfectly moral and one isn't. Resisting violence often reduces future violence instead of 'begating violence.' Since you lack clue I'll state the obvious, the violent only attack those who they believe to be weaker. (unless they a
      • What a load of hippie crap.

        I believe that some 2000 years ago they nailed someone to a cross who had pretty similar ideas.. Seems he has a huge following outside the hippie scene also. Ok, I have to say that he looked a bit like a hippie.

        Learn the difference between initiating force and resisting it. One is perfectly moral and one isn't. Resisting violence often reduces future violence instead of 'begating violence.' Since you lack clue I'll state the obvious, the violent only attack those who they believe
        • Re:Eye for an Eye? (Score:3, Interesting)

          by idesofmarch (730937)
          I believe that some 2000 years ago they nailed someone to a cross who had pretty similar ideas.. Seems he has a huge following outside the hippie scene also. Ok, I have to say that he looked a bit like a hippie.

          Are you actually trying to use the bible as a foundation for your argument?

          The problem is that you are wrong about whom get attacked by 'the violent'. They attack those whome are easiest to intimidate, regardless of actual strength. (which is one reason why terrorism is such an effective offensi

    • I disagree... Killing spammers will end the spam problem! Violence can be the solution, if applied correctly. Support the death penalty for spammers... It's the only way they'll ever learn.
  • I'd call the bluff (Score:5, Insightful)

    by Anonymous Coward on Tuesday May 02, 2006 @10:48AM (#15245262)
    If they're able to do so, what will stop them from *not* spamming you in the future anyway? Their ethics, integrity or your stupidity?
  • Screw the spammers. (Score:4, Interesting)

    by Vengeance (46019) on Tuesday May 02, 2006 @10:49AM (#15245263)
    What the hell does 20 or 30 messages mean? Nothing at all to me. I reject anywhere from 20 to 40 THOUSAND emails daily, on a domain with precisely two email users: My wife and me. The vast majority of the crap I get is easily rejected because it's sent to bogus (as in, they never ever existed) email addresses. SpamAssassin catches much of the rest.
    • Same here. It used to be worse (relative to the period) when I had my address within the company I created at the time (late 90s) with the domain dotcom.fr. Nowadays it doesn't really strain my line but it's still a bit sad to see all that crap thinking of the amount it represents worldwide.

      And I still know of people who don't have the faintest clue how to deal with it (i.e. no filters or anything).

      For the record I don't use the blue thing either, I maintain my own mail server.
    • they help with the chores...
      • Got two of 'em, but they're still a bit young for most chores.

        I'll tell you what: As soon as my oldest is big enough to push the lawnmower, my life is gonna get a bit easier! For now, though, it's mostly about helping to set the table and such.
    • > I reject anywhere from 20 to 40 THOUSAND emails daily, on a domain with precisely two email users.

      I've often wondered how on earth this gets to happen. I've been using the 'net almost daily since 1991 and I've never yet received a single piece of unsolicited email to any of my email addresses. Yet somehow I don't feel like I am in possession of some secret that no one else knows.

  • What must be done (Score:4, Interesting)

    by XxtraLarGe (551297) on Tuesday May 02, 2006 @10:49AM (#15245266) Journal
    We really need to take the internet back from these guys. Reply to every spam e-mail by going to their web site, and filling out bogus info. Give them bad information overload. Same thing goes for junk mail and telemarketers. When somebody sends you a credit card offer, send it back to them, writing "Take me off your list". Make sure they have to waste so much time throwing out bad mail that it isn't worth their time. When telemarketers call, ask them to hold on a minute. Then set down the phone and don't pick it up again for 10 minutes. That will dig into their costs.
    • by clevershark (130296) on Tuesday May 02, 2006 @10:53AM (#15245314) Homepage
      Seems like a good approach actually. Perhaps some script could be developed that would do nothing but look at a web form, fill in appropriate bogus info, and just hit the site repeatedly with bogus orders. I'll bet any CC provider would soon get tired of having to constantly do verification on bogus CC numbers and would end up closing the spammer's account.

      Sure, it's a nasty form of attack, but then that's no less than spammers deserve.
      • Re:What must be done (Score:4, Interesting)

        by Fordiman (689627) * <fordimanNO@SPAMgmail.com> on Tuesday May 02, 2006 @11:01AM (#15245408) Homepage Journal
        "Perhaps some script could be developed that would do nothing but look at a web form, fill in appropriate bogus info, and just hit the site repeatedly with bogus orders"

        Actually, there's a very nice client written in C++ that does a damn good job. No CC data or anything, but 'please remove me' forms. If you're confused, read the article again; it's mentioned.
        • by clevershark (130296) on Tuesday May 02, 2006 @11:11AM (#15245524) Homepage
          The only thing that most of these "please remove me" BS forms do is confirm that the email address is a valid one, and can be resold to more spammers. If anything filling those out actually causes more harm than good.

          If you're confused, read the article again; it's mentioned.

          Thanks Tips, but all four links in the article seem to be unreachable.
          • hmm... never mind, I see what you meant now, but I thought there was more information in the unavailable links.
          • The only thing that most of these "please remove me" BS forms do is confirm that the email address is a valid one, and can be resold to more spammers. If anything filling those out actually causes more harm than good.

            Possibly. Some of the links do embed information identifying your email address. If you're smart, you'll pull that out of the URL first.

            • Even then I don't think it's that effective a method, and the way it seems to be implemented (link is verified, then propagated on the network) it can easily be considered a DOS attack. What a smart spammer does to thwart things is just take the opt-out page offline, or better yet link to an opt-out page from a competitor. In any case anyone who makes good money spamming will have equipped himself with a load-balanced server cluster ahead of time just to counter this sort of tactic; it's not that expensive
          • Re:What must be done (Score:5, Interesting)

            by macdaddy (38372) on Tuesday May 02, 2006 @12:03PM (#15246107) Homepage Journal
            I used to be a big anti-spammer, back when I had time on my hands. I generated a list of proper-pronouns that was somewhere just over 500k long (I forget the exact #s now). I wrote a number of scripts that used wget and curl (depending on the form) to stuff addresses generated from the pronoun list and about a dozen spam-hole domains I registered into those Remove Me forms. Within hours I was getting tens of thousands of pieces of spam. Within days my Cox cable connection was saturated. I offloaded it onto a co-lo box for another couple of months before I finally changed the MXs to 127.0.0.1 and shut the system down. I had automated scripts for auto-forwarding a copy of the spam to the FTC and to post the messages to NANAS (news.admin.net-abuse.sightings). I also archived the incoming spam and used it to seed my Bayesian filters and DCC system for the ISP I worked for. I can't begin to tell you how effective that was. It was a helluva rig. I wish I still had time to dick around with that kind of stuff.
    • Re:What must be done (Score:2, Interesting)

      by haplo21112 (184264)
      Better Yet, tape the Business reply envelope to a Brick (wrapped in shipping paper), the Post Office has to deliver it, and it will cost the receiving company a fortune in shipping costs.
      • Re:What must be done (Score:3, Informative)

        by mpaulsen (240157)
        http://www.straightdope.com/classics/a2_356.html [straightdope.com]

        'According to rule 917.243(b) in the Domestic Mail Manual, when a business reply card is "improperly used as a label"--e.g., when it's affixed to a brick--the item so labeled may be treated as "waste." That means the post office can heave it into the trash without further ado.'
      • Re:What must be done (Score:2, Informative)

        by Drathus (152223) *

        Better Yet, tape the Business reply envelope to a Brick (wrapped in shipping paper), the Post Office has to deliver it, and it will cost the receiving company a fortune in shipping costs.

        No, they don't. And no, they won't [straightdope.com].

        To quote:

        'According to rule 717.243(b) in the Domestic Mail Manual, when a business reply card is "improperly used as a label" -- e.g., when it's affixed to a brick - the item so labeled may be treated as "waste."'

      • Re:What must be done (Score:3, Informative)

        by toastyman (23954)
        That would be awesome, but unfortunately it doesn't work [straightdope.com].
        • by pla (258480) on Tuesday May 02, 2006 @11:36AM (#15245801) Journal
          That would be awesome, but unfortunately it doesn't work.


          The brick idea, no. But the SD article made a nice suggestion - A rectangular chunk of nice thick sheet metal would fit well inside the return envelope, yet weigh far more than one ounce.


          Also, one point on the SD article:
          of the 161,000 people who wrote to the DMA last year, 116,000 wanted more junk mail. They were sent a booklet entitled "How To Get More Interesting Mail" (as God is my witness, I am not making this up), which tells you various key catalogs that you can send for to guarantee you'll be deluged with stuff.
          I can tell you exactly why people ask for more junk mail...

          They own wood stoves.
          • Just put a bunch of washers or rocks or pennies or fridge magnets or anything else flat and fairly heavy. I have some brake pad backs with the lining completely rubbed off that would be nice candidates.
      • Better Yet, tape the Business reply envelope to a Brick (wrapped in shipping paper), the Post Office has to deliver it, and it will cost the receiving company a fortune in shipping costs.

        Besides the problem of it just being disposal pain for the post office, I wouldn't want to pay for that darn brick.

        Also, don't bother getting clever with the form, as most of the time it's just scanned in (with the pre-printed information) and there is a chance that they won't figure out that you were just being 'funny'

    • Actually, that's exactly what BlueFrog does. Except it does it automatically, so we don't have to waste our time actually letting these people know they're useless.
    • Problem is, that to waste their time, you have to waste your time. I sometimes do respond to junk (paper) mail by sending random junk in the envelope. Sometimes I actually write a letter demanding they remove me from their lists. No matter what I do, it doesn't end. Capital One still sends me junk mail despite multiple letters between us -- me demanding them to stop, them reassuring me they will honor my request. Junk mail is even worse because it is more anonymous -- it is easy to forge headers and mask wh

    • When solicitors call me at work, I don't make them wait 10 minutes, but I do put them on hold for a minute or so. I figure that's enough to throw off their curve.

      We also have in our small company a fictitious employee whose sole job is to have telemarketers routed to his voicemail box.

      It's gotten a little tricky once or twice when vendors have showed up at our office actually looking to meet him!
    • You have a simplified view of reality. All of this might've worked 10 years ago. Then, someone tried it. Then, the spammers found a way around it. Today, you can be sure none of these simple schemes will cause so much as a dent in their revenue stream.
    • Re:What must be done (Score:4, Informative)

      by Pollardito (781263) on Tuesday May 02, 2006 @01:17PM (#15246819)
      When somebody sends you a credit card offer, send it back to them, writing "Take me off your list".
      you can get off the prescreened credit mailing lists altogether, just use one of the methods suggested on the FTC website [ftc.gov]
  • by stevesliva (648202) on Tuesday May 02, 2006 @10:49AM (#15245273) Journal
    Pretty soon the spammers will be conducting unrestricted submarine attacks on civilian shipping in the North Atlantic.
  • by Dynamoo (527749) * on Tuesday May 02, 2006 @10:50AM (#15245275) Homepage
    A big question here is.. is the database compromised? From the poking around I've done, it does seem that the only people who have received this message are BlueFrog users.. those who don't use it, don't seem to have it. It could simply be that the spammers have used tracking information embedded in the spammy URLs to find out who is using BlueFrog.

    BlueFrog has been criticised for it's so-called "vigilante" approach.. it's not alone in this approach, but perhaps this does go to show a potential downside: spammers are evil - pissed off spammers will simply direct the evil at the people who pissed them off.

    • BlueFrog has been criticised for it's so-called "vigilante" approach.. it's not alone in this approach, but perhaps this does go to show a potential downside: spammers are evil - pissed off spammers will simply direct the evil at the people who pissed them off.

      So what do we do -- surrender, because some spammer compromises this one system? Blue Frog has its own problems, but their idea is sound, if a bit "above the law." Let Blue Frog users forward the emails to them and let the company go after the spamm

    • Actually, that's not possible; the reply mails are from 'honeypot' accounts, created on your behalf for every e-mail you want protected.

      What's more likely: A spammer downloaded the 'e-mail list cleanser', copied his mail list, cleansed the copy and sent spam to the removed mails, thinking he's all kinds of clever.

      He's not. A quick spam-block-and-Blue-report, and guess what? No more asshat spam. Consumers one, spammers zero.
    • I am a victim of the blackmail letter as well. It's easy to figure out how the spammers got my email address, they already had it. They simply backed up their address book, cleaned their list with Blue Security's tool, then "diffed" the database to figure out who was BlueSecurity member.

      Another note, BlueSecurity is not Slashdotted. It is unavailable because of a DDoS attack started sometime earlier this week. The attack started submitting invalid PHP requests, making the site slow to a crawl and at times be completely unavailable.

      I write about it on my blog. [blogspot.com] More on the attack here. [realtechnews.com] The threating letter I received is also on my Slashdot journal.

      • The threating letter I received is also on my Slashdot journal.

        That kind of thing could easily inspire me to go medieval on that spamming git. "Blue security is forcing us"? What a load of bullshit!

        -jcr
    • I highly doubt the database was compromised. Rather, I am willing to bet that this spammer has a sufficiently large database that it was possible for him to correlate the mountain of opt-out requests he got to emails it was sent to and make some simple deductions. This makes me wish I could run two copies of BlueFrog on my machine at the same time, and double the amount of opt-outs I was sending him.

      As far as directing their efforts towards people like me, that's fine. That means less spam around the wor
    • by MrNougat (927651) <ckratsch AT gmail DOT com> on Tuesday May 02, 2006 @11:42AM (#15245875)
      Comments on BlueSecurity forums last night demonstrate that users with multiple protected addresses are getting these attack spams to some, but not all, of the protected addresses.

      What's lkely happening: Spammer has a mailing list. Spammer uses BlueSecurity's "cleanlist" tool to clean registered addresses from his mailing list. Compare original list to cleaned list - email addresses that are in the first but not the second are BlueSecurity registered.

      By this logic, email addresses that the spammer does not already have are not made available to the spammer in any way via BlueSecurity's own list. Delivery patterns of the attack spams support this observation.

      I'll also note that Gmail's own spam filters are already capturing all of these attack spams; I only got two in my mailbox this morning, about 50 more were filtered.

      This is the first time I'm aware of that a spam prevention service has worked so well that it's got a spammer pissed off enough to lash out. BlueSecurity++
    • A big question here is.. is the database compromised? From the poking around I've done, it does seem that the only people who have received this message are BlueFrog users.

      I have never used a blue frog :)

      Seriously, I have never heard of blue frog or blue security until Sunday or Monday when about 10 or so emails escaped my spam filter. I am getting these mails sent to a number of email aliases and even one harvested email address that is not known or valid. Regarding the harvested one, I'm assuming it ca
  • by caffeinatedOnline (926067) on Tuesday May 02, 2006 @10:51AM (#15245291) Homepage
    So, if I got this right, the spammers that are getting spammed are now spamming the spammers? Sounds like a flying circus to me!
  • by clevershark (130296) on Tuesday May 02, 2006 @10:55AM (#15245342) Homepage
    I'm sure that we're all interested in what these people have to sell... also that would probably cause a massive slashdotting.
  • Did they really expect the spammers to just sit there and not retaliate? It's been proven time and time again that spammers will go to any length to spam without regard to the law.
  • Did anybody else get a powerful urge to install the client on as many machines as possible?

    I can handle the increase in spam, I hardly ever see it anyway ( thank you spamassassin+bayes+RBL+spamhaus ).
  • Email I Received (Score:5, Informative)

    by duerra (684053) * on Tuesday May 02, 2006 @11:01AM (#15245413) Homepage
    Below is an email that I received, which pretty much confirms that they have been hacked.

    ----

    You are being emailed because you are a user of BlueSecurity's well-known software "BlueFrog." http://www.bluesecurity.com/ [bluesecurity.com]

    Today, the BlueSecurity database became known to the worst spammers worldwide. Within 48 hours, the database will be published on the Internet, and your email address will be open to them all. After this, you will see the spam sent to your mailbox increase 10 - 20 fold.

    BlueSecurity was illegally attacking email marketers, and doing so with your help. Many websites have been targeted and hit, including non-spam sites. BlueSecurity's software has been fully analyzed, and contains an abundance of malicious code. This includes: ability to send mass mail to users; the ability to attack websites with Distributed Denial of Service attack (DDoS); the ability to open hidden doors on any machine on which it is running; and a hidden auto-update code function, which can install anything on your computer and open it up to anyone.

    BlueSecurity lists a USA address as their place of business, whereas their main office is in Tel Aviv. BlueSecurity is run by a few Russian-born Jews, who have previously been spamming themselves. When all is said and done, they will be able to run, hide and change their identities, leaving you to take the fall. YOU CANNOT PARTICIPATE IN ILLEGAL ACTIVITIES and expect to get away with it. This email ensures that you are well aware of the situation. Soon, you will be found guilty of computer crimes such as DDOS attacking of websites, conspiracy, and sending mass unsolicited bulk email messages for everything from viagra to porn, as long as you continue to run BlueFrog.

    They do not take money for downloading their software, they do not take money for removing emails from their lists, and they have no visible revenue stream. What they DO have is 500,000 computers sitting there awaiting their next command. What are they doing now?

    1. Using your computer to send spam ?
    2. Using your computer to attack competitor websites?
    3. Phishing through your files for your identity and banking information?

    If you think you can merely change your email address and be safe while still running BlueFrog, you are in for a big surprise. This is just the beginning...
    • Do they even realize the sheer irony in accusing others of sending mass emails?
    • ... taken in the best possible light, the letter claims it is fighting a crime by committing another crime.

      Their predicate is questionable; I don't know, and don't want to get into, whether Blue Frog is doing anything wrong. However, whoever sent the email you cite is threatening spamming if the recipient of the email fails to perform a particular act. That may be cyberterrorism under USA/PATRIOT or some similar law.

      We need to put more spammers in jail by getting prosecutors to set up false-flag operation

    • If spammers begin writing to us, they'll only increase the form spam they receive.

      PLUS! The blue security e-mail database contains a bogus honeypot address per each valid e-mail address.

      If this rumour is true, it will be a fatal mistake for the spammers. Because the blue community are ALREADY fighting back. Not only with form complaints on the spammers' websites, but with FORMAL complaints to the FCC, geocities, Microsoft,the MPAA and the FDA about illegal offers.

      I joined Blue Security because I already receive 100 spam mails PER DAY. Do you think it'll make a difference whether I receive 100 or 500 e-mails a-day? (99.9% of it is sent to my junk-mail, where it's fed back automatically to Blue Frog)

      I feel no mercy for spammers. That's right, you're messing with the wrong guys. The release of this list will only make us MORE POWERFUL.

      Do you feel lucky? PUNKS?

      P.S. Interesting - the captcha for this post was "predate". I like it. B-)
      • I joined Blue Security because I already receive 100 spam mails PER DAY.

        I used to receive a couple of dozen per week.

        Then some bright spark decided to use my domain to spoof email addresses from for their spam.

        I checked my email at around 10pm last night. A little while ago, about 14 hours later, I checked again; I had 593. Now, it's not all spam, as I also get a metric shitload of bounces, along with the odd out of office response, an occasional "die spammer die!" mail, etc.

        So anyway, I sympathise with you
    • BlueSecurity is run by a few Russian-born Jews, who have previously been spamming themselves.
      [Clicks fingers, sarcastic] Damn, I knew those Zionist devils had to be involved somewhere along the line! I'm reporting this to Indymedia!
    • Re:Email I Received (Score:3, Informative)

      by MrNougat (927651)
      Below is an email that I received, which pretty much confirms that they have been hacked.

      No, it absolutely does not confirm that they've been hacked. See my previous comment about how it's likely that the spammer simply confirmed BlueSecurity registration for addresses he already has, but is unable to get new addresses out of the BlueSecurity database.

      http://it.slashdot.org/comments.pl?sid=184656&cid= 15245875 [slashdot.org]
    • Nice FUD but... (Score:5, Insightful)

      by Eric Damron (553630) on Tuesday May 02, 2006 @01:01PM (#15246668)
      Blue frog is open source...
  • by AugstWest (79042)
    Slashdot, a small website which once viewed on the users computer, enables teh Intarweb to systematically flood Blue Frog's website with web traffic; much to the headache of the poor frog.
  • by GISGEOLOGYGEEK (708023) on Tuesday May 02, 2006 @11:05AM (#15245458)
    The Gmail spam filter is filtering nearly every one of these spams, only a couple out of 60+ yesturday got into my inbox. .... and every one of that bastard's spams advertising a website went right to bluesecurity to hurt his business. He's just shooting himself in the foot.

    Contrary to what the author wrote, there's closer to 475,000 members, not just a few 10's of thousands, enough that several major spammers have already agreed to not spam members due to the huge financial hits they were taking with the bluefrog choking off their websites.

    What a joke, what dumbass would really believe that the spammers will not spam you if you leave blue security? Who here will admit to believing the criminals? ... I think that about covers the points that were lost when slashdot decided to post this boring version of the story, instead of what I submitted yesturday afternoon :)

  • What I received (Score:5, Interesting)

    by Carny Trash (972308) on Tuesday May 02, 2006 @11:06AM (#15245473)
    Here's what I was sent:

    "Hey,
    You are recieving this email because you are a member of BlueSecurity (http://www.bluesecurity.com).

    You signed up because you were expecting to recieve a lesser amount of spam, unfortunately, due to the tactics used by BlueSecurity, you will end up recieving this message, or other nonsensical spams 20-40 times more than you would normally.

    How do you make it stop?

    Simple, in 48 hours, and every 48 hours thereafter, we will run our current list of BlueSecurity subscribers through BlueSecurity's database, if you arent there.. you wont get this again.

    We have devised a method to retrieve your address from their database, so by signing up and remaining a BlueSecurity user not only are you opening yourself up for this, you are also potentially verifying your email address through them to even more spammers, and will end up getting up even more spam as an end-result.

    By signing up for bluesecurity, you are doing the exact opposite of what you want, so delete your account, and you will stop recieving this.

    Why are we doing this?

    Its simple, we dont want to, but BlueSecurity is forcing us. We would much rather not waste our resources and send you these useless mails, but do not believe for one second that we will stop this tirade of emails if you choose to stay with BlueSecurity.

    Just remember one thing when you read this, we didnt do this to you, BlueSecurity did.

    If BlueSecurity decides to play fair, we will do the same.

    We are quite sure you will think this will not continue, that we will not continue wasting our resources doing this, feel free to wait out the first 48, or the second, and see whether these stop, you will be quite suprised.

    If you have another email under the protection of bluesecurity, and have not recieved this there, do not worry, you will soon enough.

    We mightve had your email addresses before in our lists, but now, we are targetting YOU, because YOU are a bluesecurity user.

    You might also notice, that the BlueSecurity site(http://www.bluesecurity.com) is down..

    Just remove yourself from BlueSecurity, and make it easier on you.

    Sal Webber"
    • Brilliantly twisted world view, "We would much rather not waste our resources and
      send you these useless mails."
    • Anyone else notice the irony that they want us to remove ourselves from BlueSecurity's website but they want us to notice the site is down.... Tells you a little about their intelligence level.

      I for one can live with a high volume of E-mails of this type, now I just need to set any E-mail with the word BlueSecurity straight to spam. Remember no one is paying spammers to send E-mails to BlueSecurity users like this, eventually the all mighty dollar will make them go back to using their resources for profit g
  • Sorry if this has been discussed in the past, but what prevents recipients of spam from turning around and nuking the spammer's machine into oblivion? If you spam 10,000 machines, and then they turn around and tell you to quit it, repeatedly, until you stop, then mathematically it would seem the culprit's machine would be rapidly overwhelmed.
  • by paladinwannabe2 (889776) on Tuesday May 02, 2006 @11:14AM (#15245556)
    If BlueSecurity wasn't hurting Spammers they would ignore it. If they are fighting back it must mean that BlueSecurity is actually doing damage to them.
    • That's it in a nutshell. This alone inspires me to create some throwaway addresses, post around the net from them, and set up us the Bluefrog.
    • Amen to that. My ISP provides SpamAssassin at their relay, and after I signed up with BlueSecurity, I widened the tolerances so as to get more spam in my inbox -- the better to feed the frog with, m'dear.
  • I'll bet this spammer already has your e-mail address from some other source. He checks it against the Bluesecurity DB, and if it's a positive match, he sends you the Bluesecurity-targeted spam. Since there is no web site associated with these messages (because he's not selling anything), he does not suffer any consequences for these particular messages.
  • by Anonymous Coward on Tuesday May 02, 2006 @11:32AM (#15245767)
    From http://www.bluesecurity.com/Announcements/spam.asp [bluesecurity.com]

    As many spammers choose to comply with the Registry (see our recent blog posts here [bluesecurity.com], here [bluesecurity.com] and here [bluesecurity.com]), other spammers may resort to other means in an attempt to avoid compliance.

    A major spammer had started spamming our members with discouraging messages in an attempt to demoralize our community. This spammer is using mailing lists he already owns that may contain addresses of some community members.

    We have also received complaints from users about spam allegedly sent from Blue Security promoting our anti-spam solution and our web site. This is yet another tactic used by some spammers in an attempt to slander us by sending unsolicited email forged to appear as if it was sent from Blue Security. Blue Security is an anti-spam company determined to fight spam and as such never has and never will send unsolicited email.

    Our answer to those criminals should be one - we will not be discouraged; We will continue to exercise our right to opt-out of spam.

    If you are not a member of our community, now is the time to actively fight spam and make spammers leave you alone. For more information click here.

    If you are already a member of our community, make spammers hear you load and clear - report your spam, let Blue Frog fight spammers on your behalf.

    We regret any inconvenience caused by this incident.

    Best Regards,

    Blue Security.

  • This was sent out on an anti-spam list this morning:

    http://www.bluesecurity.com/Announcements/spam.asp [bluesecurity.com]

    "A major spammer had started spamming our members with discouraging
    messages in an attempt to demoralize our community. This spammer is
    using mailing lists he already owns that may contain addresses of
    some community members.

    "We have also received complaints from users about spam allegedly
    sent from Blue Security promoting our anti-spam solution and our web
    site. This is yet another tactic used by some spammers
  • I was unaware of bluesecurity, looks like a nice idea to fight with spam, I think it's high time for me to join them.
  • by drosoph (664471) on Tuesday May 02, 2006 @11:37AM (#15245817)
    From what I am seeing, I am now receiving 1,000s of these stupid "Because you are using the BlueSecurity Software ...." emails .... but they are all being directed to Mike, Jan, Cindy, Lucy, Bobby, and Greg@mydomain.com .... They are NOT directed to MY email address. These addresses that they are using were ONCE entered by an ignorant relative of my onto one of those online greeting card sites, (even mispelled) and those are the addresses that are being spammed. Since I ALSO registered my DOMAIN with BlueSecurity, I would ponder to guess that the spammers are using the domain list, matching it up to ANY email they have in their spam database with that domain and spamming the heck out of it. They HAVE NOT, I repeat, HAVE NOT hit ANY of my REGISTERED email addresses with BlueSecurity. They are only hitting random crap email addresses on my domain. They're shooting in the dark, they're angry, and they're running scared ... and I hope that you all keep up the good work!
  • then they laugh at you...

    then they fight you...

    then you win :D

    One thing is safe to know: At least the spammers are now PAYING ATTENTION to us. A year ago they didn't even know we exist. Then they tried to give bad publicity to Blue Security in anti-spam websites (they said bluefrog was a botnet).

    Later, SendSafe [oreilly.com] included an option to use bluefrog's list to NOT send spam to those addresses.

    Finally, they're targeting us directly. You know what that means B-)

    Also, I doubt the database's been compromised. I'm sure they only diffed the original and the filtered e-mail list. This means that only a small percentage of e-mail targets has been truly released.
    • I just got this funny one:
      <tt>
      Dies ist eine automatisch erstellte Benachrichtigung +APw-ber den Zustellstatus.
      +ANw-bermittlung an folgende Empf+AOQ-nger fehlgeschlagen.
      dunham@cardse.com

      Final-Recipient: rfc822;dunham@cardse.com
      Action: failed
      Status: 5.1.1

      ---------- Forwarded message ----------
      From: "BlueFrog member" <bryan@fordi.org>
      To: <dunham@cardse.com>
      Date: Tue, 02 May 2006 20:28:24 +0300
      Subject: {Spam?} FW:Join the top-level Israel internet sec
  • Simple solution? (Score:2, Interesting)

    by smbarbour (893880)
    Why not just sign spam@uce.gov up? That way the US government will have a nice log of who is sending these emails. Plus, if the spammer shares the list, there will be additional spammers who will happily be reporting themselves for violating the CAN-SPAM act.
  • by Audigy (552883) on Tuesday May 02, 2006 @11:39AM (#15245841) Homepage Journal
    The site hasn't been hacked.

    Hasn't anyone gone to bluesecurity.com to actually see what THEY have to say about this "security breach"?

    I have two other email address that WERE NOT signed up with BlueFrog also getting this spam.

    BlueSecurity's official statement is this: ...which I would be pasting here if I could get to the goddamned site. Thanks a lot, slashdot. I'll be back to post the full text once I can get in the bloody site.

    In short, the spammers are PISSED and they'll do anything to get people to unsubscribe from BlueFrog, including sending spams with lies. Don't fall for it. Keep fighting spam.
  • DoS and Explanation (Score:4, Informative)

    by cheshire_cqx (175259) on Tuesday May 02, 2006 @11:53AM (#15246013) Homepage

    According to this article [realtechnews.com] BlueSecurity is the target of a DoS attack.

    Also, here's their explanation of the spammer's countermeasure:


    This sounds scary, but it's not as bad as it sounds. Blue Security's email address registry remains secure contrary to what this spammer would have you believe. The way subscribers' emails were obtained was by checking the spammer's own list of emails against the Do Not Intrude registry. Normally spammers will get the emails of those who subscribe returned to them and will then remove those emails from their spamming lists. This one, however, has taken another approach. Instead of taking those hits off of his spam lists, he is sending them these intimidating emails.

    Makes sense to me, and explains why only BlueSecurity users are getting the emails.

  • by Tom (822)
    If it didn't cause them any trouble, they wouldn't bother, right?
  • by MrNougat (927651) <ckratsch AT gmail DOT com> on Tuesday May 02, 2006 @04:51PM (#15248868)
    I just got the following NDR email (which GMail flagged as spam, but I read anyway). Looks like the pissy spammer is using email addresses from his list in the From field, and generating false spam for BlueSecurity.

    I have deleted contact information at the end, for the sanity of those involved.

    Begin

    Subject: FW:Automaticly send 1000s of DDOS complaints for each spam you recieve

    The trackback URL for this blog entry is:
    http://community.bluesecurity.com/ [bluesecurity.com]

    Bringing spammers to Their Knees:
    Bluesecurity.com hopes you'll join thousands of others in an army capable
    of crippling spammers' Web sites.

    A few thousand spammers have ruined our internet. They've clogged our
    mailboxes with filth. Already, 90% of email traffic is made up of
    spam. Let us no longer blind ourselves to the irrefutable facts:
    current measures have failed to stop spammers. The experience of the
    past several years has proven that passive measures are just not the
    answer.

    Retribution is the only real answer to spam. We must punish spammers
    ourselves to prevent them from taking over cyberspace. We must reclaim
    our territory. We need direct action to eliminate spammers for good.

    The magnitude of the task which lies before us is great. We are fighting
    for the future of the Internet. What we need to do now is get as many
    users as possible into our community. We already have a botnet with
    hundreds of thousands of computers working together to induce commercial
    loss on spammers and their ISPs. We have launched numerous
    Denial-of-Service Attacks on Chinese spam networks with great success,
    and plan many more!

    We have excellent financiers who allow us continued success with our botnet
    growth and Denial-of-Service Attacks. We thank the government agencies
    involved
    for their continued cooperation. We thank our leader, Eran Reshef,
    for continued strategies of DoS attack operations. Also, US-based Rembrandt

    Ventures & Skybox Security for their extensive funding & continued support.
    And a
    very special thanks to Douglas Schrier who has helped our botnet come to
    life.

    If you haven't signed up with the registry and installed a blue frog yet,
    please sign up now.
    If your friends have not yet joined us, we will convince them to do so.

    Let's stop filtering spam and start eliminating spammers.
    Together, we will reclaim the Internet, One ddos at a time.

    Please Contact Us for any questions on signup via the following info:

    address and phone deleted

    Israel HQ: address and phone deleted

    Current and potential investor relations:
    Rembrandt Venture Partners address and phone deleted

    Fight back spam! Join our Botnet today.
    Download our .EXE here: http:/// [http] www.bluesecurity.com/ blue-frog/

HOST SYSTEM RESPONDING, PROBABLY UP...

Working...