Forgot your password?
typodupeerror

Spam War Takes Out Blog Services 315

Posted by Zonk
from the lj-writers-use-ddos'd-icon dept.
munchola writes "Following on from the story about spammers attacking Blue Security's anti-spam system, CBR is reporting that Six Apart, which runs the popular LiveJournal and TypePad blogging services, has become a collateral victim. Six Apart told its millions of bloggers it had experienced 'intermittent and limited availability for TypePad, LiveJournal, TypeKey, sixapart.com, movabletype.org and movabletype.com', before resolving the issue in the early hours of Wednesday. '[The spammers are] trying to rip apart the internet just to make our community stop fighting back against spam,' Blue Security's chief executive Eran Reshef said, adding that he knows who's behind the attack."
This discussion has been archived. No new comments can be posted.

Spam War Takes Out Blog Services

Comments Filter:
  • Is Blue Security going public with who's behind it?
    He should, so we can put on the pressure.
  • by Pig Hogger (10379) <pig.hoggerNO@SPAMgmail.com> on Thursday May 04, 2006 @11:09AM (#15262553) Journal
    Fighting abuse with abuse is bad.

    Swamping a spammer is not a good idea, because he can either redirect the attacks to an innocent third party, or simply pointless because they use stolen ressources, like trojaned computers that host illegal sites.

    The best way to eradicate spammers would simply be to go after their clients.

    • by ciscoguy01 (635963) on Thursday May 04, 2006 @11:14AM (#15262607)
      The best way to eradicate spammers would simply be to go after their clients.

      That hasn't worked yet. If you have some idea how that could be accomplished and effective against spam and spammers, please feel free to elaborate.

      Blue security seems to be causing pain to spammers, enough to get a rise out of them at least. Aren't they actually reflecting the spam back to the source? I think that was their tactic.

      If they are effective, that's a net positive in the spam fight.
      • Blue security seems to be causing pain to spammers, enough to get a rise out of them at least. Aren't they actually reflecting the spam back to the source? I think that was their tactic.

        I'm not so sure - read the last paragraph of the article:

        Neither Reshef nor TypePad's Sippey were comfortable talking about the technical details of the attack. Sippey said he did not believe it used the potent "DNS amplification" technique that emerged earlier this year.

        It seems a little...vague.

        I'm thinking there's at le

        • by ciscoguy01 (635963) on Thursday May 04, 2006 @11:50AM (#15262948)
          Even if that's not the case here, it's certainly possible for someone malicious to subvert Blue Security's agent in such a manner.

          It seems blue security has been compromised by the spammers.
          I can't see why blue security should be blamed- except for their security problem.
          The problem is spam and spammers, and it is ludicrous to think otherwise.

          I have been working on the spam problem for >10 years.

          The problem is lax ISPs and network operators who don't pay attention to their mail. Who don't jump on the trojaned machines on their network that are causing >90% of the spam problem in the world.

          I have had the same trojaned machine sending me the same spam every 15 minutes, from a school district. It took me days to finally get a shitty response out of the network operators there to get that machine shut down until it could be cleaned. They didn't seem concerned at all, it was like I was "bothering them" to ask them to stop that machine from spamming.
          I bet it was sending 150,000 messages between the ones I received. Obviously a major problem. They couldn't care less.
          Now THEY should have been DOS'd.

          Ya know, several years ago I asked one of the principles of Akamai to get involved, to provide some of the bandwidth and hosting in a fault tolerant fashion, which they reportedly are in a unique position to provide on their monitored distributed network. Practically cannot be effectivedly DOS'd. They thought my proposal "interesting" but didn't want to get involved for the good of the internet, because they didn't want to attract attention from the bad guys.
          It wasn't 5 or 6 months before they were DOS'd and extorted.

          EVERYONE is involved now. We are all being extorted by the spammers. If you cross them they will attack you, even if you just ask them to please stop spamming you.

          The only possible answer is responsibility. Networks being responsible for what goes on over their network. Shut down spammers. Don't rent them servers. Don't sell them bandwidth. Jump on problems, even on weekends and holidays, and you have to do it FAST.

          Nothing is going to stop spam completely, we can only increase the cost to spammers, and increase the costs for networks to sell to spammers. Make it uneconomical to have spammers as customers.

          When the cheapest T-1 a spammer can find is $250,000 a month, spam will stop.
          • Actually it was pretty conclusively said in the last Slashdot article on this topic that Blue Security wasn't compromised, what happened is that some spammer (which apparently they know but aren't releasing? That doesn't make much sense...anyway) took their spam-list, ran it through Blue's list-cleaning program which removes all BS subscribers, and then ran a diff on the result in order to get a list of people who'd signed up for Blue Security.

            Then he/she/it sent the people on this resulting list a lot of t
          • They didn't seem concerned at all, it was like I was "bothering them" to ask them to stop that machine from spamming. I bet it was sending 150,000 messages between the ones I received.

            And you didn't redirect the flood to their personal accounts why? Nothing seems to get a problem fixed quite as quickly as putting it back on the people causing it.

          • What makes you say they have been compromised?

            I've been running their client for MONTHS now and the most recent upgrade is much improved. It integrates with GMAIL and HotMail to make reporting SPAM quite easy. The result has been my reporting lots more SPAM to the system. It's no wonder to me that they are feeling the heat - my client has been working overtime submitting opt-out requests :-) I'm happy to use the bandwidth to help this cause out and would encourage others to do so too...

      • Blue security seems to be causing pain to spammers, enough to get a rise out of them at least. Aren't they actually reflecting the spam back to the source? I think that was their tactic.


        That logic is wrong. But in that tradition:

        The ememy is increasing it effort and sending more troups to us to fight us, we must be winning!

        -- Mohammed Saeed al-Sahaf Iraqi Minister of Information. 8)
      • That hasn't worked yet.

        It hasn't been started yet. There have been no large-scale operations to find those companies/entities who pay the spammers money to send spam. I saw one investigative report in a MSM newspaper that actually tracked some of the spam money. The companies who were purchasing the services of the spammers were not companies you might think would do it. However, beyond that one article, I've never seen anything that goes after those who pay the spammers for their services.

        You wan

      • I can think of plenty of ways to go after the clients. For instance, start a spam site selling "V1agra." Simultaneously produce a product called "V1agra" which consists of cyanide and strychnine, with instructions in fine print saying that it's only for pesticide use. Or or a message saying, "Guess what we did with your credit card number." Personally, I'd take credit card numbers, and then use their credit cards to run ads in their local papers announcing in huge type that this person was supporting th
        • Those aren't the "clients", those are the "idiots". Spammers are people who send the messages. Clients are people who pay spammers to send their messages. Victims are people and ISPs who have to cope with the useless load that spam causes. Idiots are the people who get spam, think "This $5 Rolex is just what I need so that I'll always know when to take my prescription-free C,41iS" and click on the link.
    • by jtdennis (77869) <oyr249m02NO@SPAMsneakemail.com> on Thursday May 04, 2006 @11:15AM (#15262620) Homepage
      isn't that counter to what you have in your signature?
    • All blue frog does is requesting to be opted out. One form send per spam received. No more, no less.

      4 of the 10 major spammers had already excluded the blue security list from their mass mailings, and their problem was solved. But this particular spammer, instead of complying, shut down Blue Security.

      Just because Blue Frog causes A SIDE EFFECT of disminishing the bandwidth of the spammer's website, is not Blue Security's fault. (It is our LEGAL RIGHT to request for opt-out, and to keep requesting it UNTIL IT IS FULFILLED).

      To say opting out is abuse, is nothing but legitimizing illegal (non CAN-SPAM complying) spam.
      • Just because Blue Frog causes A SIDE EFFECT of disminishing the bandwidth of the spammer's website, is not Blue Security's fault.

        Well,I have to disagree there. Anyone with half the technical know-how required to put together something like Blue Frog should have realised the likely effect immediately. Hell, it was only created in the first place because spam is such a huge problem because there's so much of it - it's entire reason for existing is because there's a flood of the stuff! Therefore, there will ne
    • The best way to eradicate spammers would simply be to go after their clients.

      No, there's a much better way [mosnews.com].

      • Sorry to disagree with you...

        But killing people does not solve crime (which is my reason to be against the death penalty).

        To put it in other words, shutting down an abuser does not shut down the system that promotes such abuse. The only way to stop spam is to make it non-profitable for spammers. And this is done by cluttering their sales forms with opt out requests (which is what Blue Frog does).

        Of course, if SPAM had been declared illegal in the first place... we wouldn't have to deal with this mess.
        • "Of course, if SPAM had been declared illegal in the first place... we wouldn't have to deal with this mess."

          You don't honestly believe that do you?!?!

          Most spam (in the true sense of the word) IS ALREADY ILLEGAL in that it is fraud.

          Spam doesn't operate in a vacuum. There is profit to the ISP hosting spam sites as well as the email accounts of known spammers. Add to that the security exploited machines and it makes email unusable.

          To put it in the words of spamhaus.org:

          "Although all networks claim to be anti-
        • Yeah, but if this happens to enough of them, it might get rid of some of the get-rich-quick types.

          I'm not advocating murder in any way, and honestly I doubt this had anything to do with spam (if you're involved in illegal activity in Russia, you're usually involved with organized crime. Piss them off and these things happen.)
        • The only way to stop spam is to make it non-profitable for spammers.

          Well, if sending spam results in your immediate and painful death, that sort of influences the risk versus profit equation, now doesn't it?

          Sure, people would still do it -- people smuggle drugs in places where that earns you a one-way ticket down a trapdoor followed by an abrupt ending -- but you're naive if you don't think that the threat of punishment is a large disincentive to crime.

          I don't go around robbing banks and stealing cars beca
        • But killing people does not solve crime


          True, but it sure as hell cuts down on the rate of re-offending.

        • As the fictional Vlad Taltos put it, killing people doesn't solve anything, but it does keep them out of your hair until you figure out what you need to do next. A few years ago a couple of Russian-immigrant spammers in New Jersey were also murdered - the general guess was that they'd burned somebody with the pump&dump stock scam they were running.

          Spam isn't going away until the economics make it no longer profitable. Laws can sometimes affect the economics (opportunity cost of being in jail, etc.,

    • Actually, that's exactly what I understood Blue Frog to be doing--going to the Web sites offering the products advertised in the spam, then filling out the order forms with words to the effect of "stop spamming Blue Frog users."
    • Fighting abuse with abuse is bad.

      Agreed, it's bad. Also when someone kicks you or hits you or whatever, if you beat him up, that's really bad.

      But you know what? It works. And in the end of the way, that's all that matters.
    • by bezzeb (442597) on Thursday May 04, 2006 @12:59PM (#15263558)
      Guys, I'm growing tired of the high moral argument that "it's not right to fight abuse with abuse" or "eye for an eye still leaves you blind".

      War and drama asside: I keep waiting for someone to make this point but I'm not seeing it yet.

      Spam is a solicitation to contact the advertised party in the hopes that you will give them money. Otherwise known as an advertisement. THEY CONTACT US. It's called the free market. In turn we all have the right to use the communication path they supply to request that they leave us alone.

      Is it illegal to contact some company you see on a billboard or in a TV commercial? What absurdity! What is this world coming to where everyone gets sucked into DDoS drama at every chance? Blue Froggers are just doing business within the realm of the law. No stretching the rules. No sensationalism.

      The only reason spammer servers crash is because they aren't prepared and are poorly designed. They have two options:
      1. Seriously upgrade their infrastructure to handle whatever degree of responses their advertisements generate & hire more staff to process the hits their ad generates.
      =or=
      2. Seriously decrease their advertisements to be in line with their capacity to manage their generated trafic.

      It's just economics and common sense. This DDoS talk is a waste of time - the Blue Frog client is much nicer to the spammers than they are to us. And this huge amount of anger directed at Blue Frog is proof that it bites into their freedom to be irresponsible.

      They can keep their pill pushing sites - I don't care if there are suckers out there dumb enough to give them money. I just want them to stop bothering ME. They will never get one red hot cent from me. They WILL get endless trouble from me as long as they continue to disrespect my privacy.

      All the best folks!
      B.
  • Blame fest (Score:5, Insightful)

    by LiquidCoooled (634315) on Thursday May 04, 2006 @11:09AM (#15262557) Homepage Journal
    fta:
    The spammer also launched a conventional bandwidth-consumption DDoS attack against bluesecurity.com. It was around this time that the company opened its new blog, which meant TypePad got whacked.


    This blue security article has been running for a few days now and the site hasn't been responding any time I've tried recently.

    Isn't it just another DDOS blame fest when in reality its just the news spreading around the world and all the collective users of all the collective news sites are clicking the links to try to read the story?

    A total slashdotting/digging/farking and general newsing all at once.

    It was the same when word spread about google going down.
    "OMG have you heard, google is dead?"
    *CLICK* "Yer, its not working here either" *CLICK* *CLICK* *CLICK*
    *CLICK* "Hey, its loaded here." *CLICK* "Oh crap, its broken again now.."

    We are all guilty of assisting this DDOS attack. shame on us.

    It will ease up once something else comes and takes our attention away from it.
    • by caluml (551744)
      And you didn't even link to the site so we could see if it was back up yet.
    • Re:Blame fest (Score:5, Informative)

      by shark72 (702619) on Thursday May 04, 2006 @11:59AM (#15263061)

      " Isn't it just another DDOS blame fest when in reality its just the news spreading around the world and all the collective users of all the collective news sites are clicking the links to try to read the story?"

      No. Here's what happened:

      1. The spammer DDOSed bluesecurity.com. Quite well, in fact.
      2. After a few days, Blue Security managed to get a redirect going to a blog they put up on blogs.com, which is run by TypePad.
      3. The spammer then DDOSed TypePad.

      Believe me, TypePad gets Farked/Dugg/Slashdotted every day. They can handle the normal traffic spikes. This was deliberate, and it was well documented.

      "We are all guilty of assisting this DDOS attack. shame on us."

      A drop in the ocean. TypePad can absorb these sorts of things. Make no mistake: TypePad was taken down by a deliberate, coordinated DDOS attack.

    • Re:Blame fest (Score:2, Insightful)

      by forevermore (582201)
      the site hasn't been responding any time I've tried recently.

      That would be because SixApart got the registrar/dns host to point bluesecurity.com to localhost (127.0.0.1) so unless you're running a webserver on your own box, you won't get anything.

      The main news behind this story isn't that a spammer is attacking SixApart, but that bluesecurity, which claims to be a consumer-friendly anti-spam service, in its time of crisis chose not to just take the hit, but instead shared their misfortune with a huge co

      • ...bluesecurity, which claims to be a consumer-friendly anti-spam service, in its time of crisis chose not to just take the hit, but instead shared their misfortune with a huge community of unrelated people.

        Sure, they make a mistake ONCE, and suddenly they're a bunch of hypocrites. Go ahead, blame the victim.
  • Kill the spammers (Score:5, Insightful)

    by pete6677 (681676) on Thursday May 04, 2006 @11:10AM (#15262571)
    I don't think spam will stop, or even slow down, until a spammer is seriously hurt or killed. Right now, they know there is no consequence to their actions. I'm not saying I personally advocate killing spammers, but it certainly wouldn't make me feel bad to hear about it being done. Spamming would be a lot riskier if there were an element of harm attached for the spammer.
    • by OrangeTide (124937)
      I'm not sure I would like an internet where my online activities could result in physical bodily harm. I would never become a spammer, but still I don't like the idea. If you hate spam so much that you want to commit assault or murder you could just sign off, quit using email, etc.

      I know you were just kidding, but some people aren't :(
      • If you hate spam so much that you want to commit assault or murder you could just sign off, quit using email, etc.

        Yes, quitting e-mail is a very realistic solution. And I suppose that if your home phone starts getting flooded by unwanted sales calls you should just stop using the phone?

        And if someone starts flooding the emergency services with spam calls?

        Basically, your solution to people deliberately abusing an essential service seems to be rolling over and letting them fuck you like a bitch.

        I know you wer
      • Can we at least smash their computers and cars (which are probably very nice) with sledgehammers?
    • I dont think hurting spammers will do anything. In fact this would make spamming more lucritive as the price would go up because of the danger/fine factor. All of a sudden if its worth enough and its more dangerous more fishy/criminal organizations would get into it.

      I think going after companies and websites advertised in SPAM woudld do more damage. Get a 1 mil dollar fine and they wont be making the same mistake twice.

      Taking away the source of funds/content for spammers will at least minimize spam.

      • All of a sudden if its worth enough and its more dangerous more fishy/criminal organizations would get into it.

        Aren't there already professional (crime) organizations already set up for hacking and spamming purposes? Yeah; hear no evil, see no evil, speak no evil.

        I think going after companies and websites advertised in SPAM woudld do more damage. Get a 1 mil dollar fine and they wont be making the same mistake twice.

        If I made just one PENNY for each spam e-mail I sent out, I'd quit my day job and just be

    • Yes, because that *so* worked with doctors who perform abortions.
    • I won't say I advocate the death of a spammer either, but I will say that I would dance in the streets if I saw such a headline in the papers. I'm not suggesting or even hoping that someone actually murders a spammer, but I am saying that I would not mourn their passing at all.

      Do I want them dead? I can't say. I can say I want them to STOP in whatever form it takes.
    • I don't think spam will stop, or even slow down, until a spammer is seriously hurt or killed.

      If that were true, drug running would have stopped LONG ago.

      The Mafia? "Man, I could get hurt!"

      "I stopped robbing houses after that one guy got shot by the owner. I mean, I thought they'd just accept the inevitable if I waved a gun at them, and now... I'm not so sure. To hell with my heroin addition, I'm gonna go straight before something awful happens to me! Community College, here I come!"

      Money does f

    • You're not SERIOUSLY saying that hitting the delete key, or any amount of bandwidth, is actually equal in value to a person's life, are you? If so, you may want to re-evaluate your worldview somewhat.

      Should there be fiscal and/or technological repercussions to spamming? Sure. But death seems a little bit ridiculous for an act that, at most, costs someone money.
      • You're not SERIOUSLY saying that hitting the delete key, or any amount of bandwidth, is actually equal in value to a person's life, are you?

        I'm certainly not. I want to see them in PMITA prison and destitute, but not dead.

        However. According to a report from 2004 [spamfo.co.uk], spammers sent about 12.4 billion messages per day. If it takes one second per email to delete, then that consumes 393 person-years to remove from our collective inboxes. Assuming an average lifespan of 75, that means spammers use the entire

      • Suppose it takes one second for every spam email that you delete. There are 2.2 billion seconds in 70 years. That's how many spam emails it takes to use up one average human life. Personally, every second I spend deleting spam is a second stolen from my life.
    • It's been done and spam hasn't stopped.
      Russia's Biggest Spammer Brutally Murdered in Apartment [mosnews.com]
      Vardan Kushnir, notorious for sending spam to each and every citizen of Russia who appeared to have an e-mail, was found dead in his Moscow apartment on Sunday, Interfax reported Monday. He died after suffering repeated blows to the head.
  • Techdirt [techdirt.com] has a different story on what caused the outages. The info they have came from here [digg.com].

  • by 3.5 stripes (578410) on Thursday May 04, 2006 @11:12AM (#15262585)
    Taking out spammers and bloggers?

    I can't see any down side to this, honestly.
  • Self-hosting (Score:3, Informative)

    by AKAImBatman (238306) * <<akaimbatman> <at> <gmail.com>> on Thursday May 04, 2006 @11:12AM (#15262588) Homepage Journal
    Ah, it's so nice to be self-hosted [intelligentblogger.com]. Back when I was on Blogger.com, myself and many other users who received links from Slashdot stories or news sites became the target of a spammer who's sole purpose was to screw up the service for everyone. He had a script that would bomb a blog with hundreds of racist messages, overloading the system in the process. (Sorry, blogger.com's software isn't that good.) I was forced to disable the comments, delete the entry, and recreate it. Thankfully, there were only a few anonymous comments on the current entry which were easy to recreate.

    While Blogger eventually added a captcha to solve the problem (after being non-responsive to support requests), it left a bad taste in my mouth. It was at that point that I decided to go self-hosted. I've never looked back. For the cost of a cheap hosting provider, you can setup a Wordpress installation that looks better, is more feature-rich, and automatically queues suspcious messages rather than allowing them to pass through. So while my site could be DDOSed if it was specifically targetted, it can't be overloaded with spam or used to take down other bloggers.
    • I am self hosted as well.... That doesn't mean the tools I am using is getting blasted with this same attack, whereas infact it is. I am finding b2evolution [b2evolution.net] is getting slammed with this same attack. *sigh* RFC 1087 needs to be given teeth.

      RFC 1087 Ethics and the Internet January 1989

      At great human and economic cost, resources drawn from the U.S.
      Government, industry and the academic community have been assembled
      in

      • That doesn't mean the tools I am using is getting blasted with this same attack, whereas infact it is. I am finding b2evolution is getting slammed with this same attack.

        How so? Were you on the same sub-net as SixApart, or did you get explicity targetted?

        RFC 1087 needs to be given teeth.

        RFC 1087 is an antique, a response to the November 1988 attack of the Morris Worm. The federal government no longer owns and operates the Internet, and thus doesn't have the rights to prosecute under destruction of private pr
  • Shifting attack (Score:2, Interesting)

    by Billosaur (927319) *

    "He's trying to rip apart the internet just to make our community stop fighting back against spam," Blue Security's chief executive Eran Reshef said of the spammer he believes launched the attack.

    LiveJournal and TypePad found themselves suffering the brunt of the attack when Blue, which says it has been targeted by a "top four" Russian spammer, redirected the front page of its website to a blog hosted at TypePad's data center.

    Reshef said Blue replaced the front page of its site with the TypePad blo

    • Re:Shifting attack (Score:5, Informative)

      by MrDoh1 (906953) on Thursday May 04, 2006 @11:30AM (#15262781) Journal
      They don't supply spammers with the addresses of their members. What they do is offer a tool that cleans our email addresses (which are contained in an encrypted database) out of their spam address databases. So all that was done is the spammer in question compared a pre-cleaned version with a post-cleaned version and any addresses that no longer appeared were obviously members of BlueSecurity.

      Also, the spam reports that are sent out are sent from a proxy type email address. My normal address wouldn't show up, but username@reports.bluesecurity.com is where it would come from.

      Personally, I see nothing wrong with sending 1 unsubscribe request per piece of spam I get. BlueSecurity has just automated this method so I don't have to take the time, and they also handle escalation to the proper authorities if the situation isn't resolved.

      If the spammer perceives getting 1 unsubscribe request per spam he sends a DDOS attack then I would think the best course of action would be not to send to those people. Heck, we are the ones who wouldn't buy anything from them anyway.

      Also, based on what I have read in the blog itself (when it was still accessible) it was a user in the comments that suggested redirecting the site and error pages to the blog so users would at least have some clue what was going on. It's likely they took the advice without contemplating the potential outcome.

  • by ZSpade (812879) on Thursday May 04, 2006 @11:17AM (#15262641) Homepage
    But have they got any better suggestions. The federal government is a *Joke* about bringing any kind of justice down on this filth, and so the masses remained *outraged* and *victimized*. To me a (A computer tech) I see people's computers every day that have been turned into Zombies. Some so bad that they have to be reformated. They are bringing in their computers to me, and paying hard cash for me to fix it and prevent it from happening again. That's real money, real damages everyone is having to pay every day. I guess you could spin it in a positive light and say it's good for the tech industry, but not if people start becoming afraid to even get on the internet because of what might happen to their computer. This is theft, this is vandilism and the governements of the world are practically standing by and watching it happen.

    So, do you have any better suggestions, if not then I kindly ask you to ommit your views until you can add something to the cause.
    • I'm a PC repair consultant and I can't even recall how many heartfelt thanks I've gotten, not to mention unsolicited cash bonuses from ma and pa residential clients, just for installing Mailwasher or Thunderbird or some other free and simple spam filter. Governments don't realize that people are DESPERATE for a solution as email is the primary means of telecommunication for more and more citizens each day. How long until governments and ISPs realize that it takes way less effort to buy an umbrella than to
    • The federal government is a *Joke* about bringing any kind of justice down on this filth

      It can if it wants.

      The gov't had Junk Faxers shut down before the Bush Administration opened the floodgates for them again this year.

      Big fines with an active vigilante^H^H reward system (private lawyers suing junk faxers) will defeat spam.
    • So, do you have any better suggestions, if not then I kindly ask you to ommit your views until you can add something to the cause.

      OK. Here's one. Summary execution for spammers and their families. It would solve the problem more effectively than anything else we've got.

      You don't have any better suggestions? Then don't you dare criticize this one!

      Sorry for the Modest Proposal (I do not advocate killing people over spam!), but the point I'm trying to make is: it's entirely legitimate to criticize an idea
  • If a kneecap or two happens to get broken, well, so be it...
  • I've devised a method [slashdot.org] to keep opting out while Blue Security's down. I posted it on my journal.

    The next step is automating the process, perhaps making a new version of Blue Frog that doesn't rely on a centralized server. Do that, and we'll regain our mailboxes.
  • *Puts on asbesto suit*

    That most DDOS attacks right now are done using botnets. If we should blame someone (besides our mediocre congress), it's Microsoft for having such a weak security in their desktop OS. And for not updating pirated copies [slashdot.org], which are used as botnets too!
    • Actually, there are OS X botnets as well.

      Quite frankly, the only real security laxes that Microsoft has had over the last few years (after the OE preview patch, and limiting ActiveX componenets), were the Sasser/Blaster type things, I blame the IT people who ASKED for those services (the ability to run code remotely) to be included.

      What people don't realize, is that once you run a malicious program on your computer, it doesn't matter what OS you're using. It can get its grips and do what it wants into anyth
  • Breaking point (Score:3, Insightful)

    by Stray1 (862245) on Thursday May 04, 2006 @11:47AM (#15262915)
    Speaking as one of the people who helped start the last bluesecurity article, I think we've all had enough time to reflect and debate on the 'fight fire with fire' technique that blusecurity has enacted. What this new DDOS attack has brought to the table is something a little different. Before the attack, Bluesecurity would send an equal amount of opt out requests as spam. THIS DDOS attack on bluesecurity, which is clearly illegal, is the breaking point. I'm not sure WHAT going to break, (of than someones ISP) but it has shed light on spammers intentions. Spam artists have always relied on the fact that their activities arent spefically illegal. With this attack they have really crossed the line- This event could be the event that got some sort of anti spam- legislation rolling, (or it might have the opposite effect). Something should come out of this though, if only to be remembered the 'bluesecurity incident'. Personally I was pretty pissed having some jackass hold my gmail account for ransom, especially since bluesec. was so ridiculously effective. FYI, despite the threats, I have recieved no greater amount of spam than when I was first threatened on monday (sunday). I dont think their database was compromised despite what joe spammer tells us.
  • Go open source (Score:2, Interesting)

    by djcatnip (551428)
    Wordpress [wordpress.org] is an excellent open source blogging tool. Couple that with Bad behavior [ioerror.us] and Spam Karma 2 [unknowngenius.com] and you've got yourself a near impenetrable blog to spam in your comments. The new version of Wordpress has tools to migrate from some popular blogging systems, so.. go check it out.
  • Take them out (Score:2, Insightful)

    by Anonymous Coward
    The spammer is in Russia. Let's hire the mafia nd take him out. Blue security has 500,000 members. If we all put in $1.00 each, we should manage to hire someone to take the spammer out. He won't be a problem after that, and he won't send any more spam.
    • The spammer is in Russia. Let's hire the mafia nd take him out. Blue security has 500,000 members. If we all put in $1.00 each, we should manage to hire someone to take the spammer out. He won't be a problem after that, and he won't send any more spam.
      And you know with certainty that the (insert least favorite ethnicity) Mafia isn't involved in some ways with the "local" spam racket?
  • They need more people so that it becomes non-viable to attack the community.

    I've not heard of BlueSecurity before, but after those stories, I'm signing up with them. I urge anyone who wants to help fight against spam and vandalism on the Internet do the same.

    After all, when noone can take care of a problem for you, it's time to step up and solve it yourself.
  • He says he knows who's behind it. He would not give a name, but said it was a "top four" spammer, who speaks Russian.

    Stop being cute about this and just tell us who. Information in power, and you're only facilitating this person's ability to continue to hide until you unmask him/them.

    • There may be enough clues in the article.

      1) it is a top 4 spammer who speaks Russian.
      2) in the top 4 spammers are two Russians and one Ukranian
      3) the top two spammers have decided to avoid bluehost customers

      Assuming Ukranian guy speaks Russian, if the bottom 2 of the top 4 include only one Russian speaker, then he's your guy. At worst, you narrow it down to two people.
  • by MikeRT (947531) on Thursday May 04, 2006 @11:54AM (#15262997) Homepage
    Need an analogy to understand why SixApart should sue? It'd be like a corrupt police unit grabbing a school bus full of kids to use as human shields in the middle of a gun battle with a gang while the cops try to fall back and call for backup.
  • by Anonymous Coward
    Let's review, shall we?

    First, these idiots set up an "anti-spam" service whose response to abuse is...abuse.

    Second, they use a fraudulent corporate name. (Use Google and search Usenet.)

    Third, they locate themselves on a network also happens to house one of the scummiest spammers on the planet.

    Fourth, they decide to redirect an incoming attack at an innocent third party.

    The only surprising thing is how many morons have actually DEFENDED these idiots.

    Recommendations:

    1. Permanently blacklist thei

  • by Jayfar (630313) on Thursday May 04, 2006 @12:08PM (#15263132)
    "Reshef indicated that a few thousand domains managed by a top-five domain name registrar may have been impacted by the attack too, but an executive at the registrar told us that it had seen some upstream troubles but no direct attack."

    Ha! All of Tucows services, including the managed dns and email defense services were completely down most of yesterday. The managed DNS service is still impaired until the new IPs of ns1.mdnsservice.com and ns2.mdnsservice.com propagate (they just this morning changed the TTL to 1200 secs %-).

    status.tucows.com

    Managed DNS Service Degraded Performance - restore time is currently unknown Beginning at approximately noon Wednesday May 3rd the Tucows network was under a severe DDOS attack. To stop the attack, we have changed the IP addresses of the servers. If you are using IP addresses in order to connect to MDNS, you will have to update your records. Also, any nameserver with a long TTL should be updated in order to use the new info. Next Update Time:15:20 UTC, 04 May 2006",/i>

  • To Stop Spam (Score:2, Insightful)

    by plaid_piper (920238)
    As always needs mentioned, Spam would not exist if it didn't have a market. The base problem is, as it has always been, that people respond to this.

    People could stop clicking, but that is unlikely to happen. Especially in America, people are always looking for the easier path: be it cheaper medication, promises of enhanced "performance," tales of rapid weight loss while sitting on your couch, or the constant get-rich-quick scheme.

    If people actually thought... yes, used higher brain functions... they m
  • I'm really disappointed in this mysterious top 4 spammer. I've been a member of blue security for somewhere around 4 months and I haven't recieved a single threatening email from him/her/it. I mean come on. I must have forwarded thousands and thousands of pieces spam to blue securtiy and yet he hasn't tried to black mail me once. Whats wrong with me? Maybe I'm just not trying hard enough, I only have 3 email addresses registered with the frog. OK mysterious spammer you've made your point. Only the best anti
  • Why not... (Score:2, Insightful)

    by spyingwind (961097)
    Just pull the plug on the web server... or
    redirct the domain name to 127.0.0.1(taking up to 24-48 hours to update) as one of the other posters posted...

    Why I ask is because where I work we had a similar problem and sence I maintain our web server we had no choice but to unpluge the network cable. Waited 5 minutes and pluged it back in and vwala! no more DOS.
    My best guess was that as soon as the DOS'er saw that our site was "down" they/it thought that there task was completed.

    It is almost( but not quite the
  • by Animats (122034) on Thursday May 04, 2006 @12:43PM (#15263409) Homepage
    Six Apart mitigated the attack to the point where it was no longer causing major availability problems, but had been unable to contact Blue. The anti-spam firm is headquartered in Israel, where May 3 was a public holiday.

    This is a 24/7 business. A serious online service vendor can't have company holidays. Least of all in the security business.

  • Blue Security Blog [blogs.com]

    Netcraft Article on DDoS [netcraft.com]

    My original article on the attack 4/1/06 [blogspot.com]

    The DDoS started with invalid PHP requests. I think the spammer is using a combination of methods to disable Blue Security now, but that's just an assumption. The question is, how long are spammers going to focus their efforts on the counter attack? Using their resources to attack Blue Security means less resources to send profitable spam. The spammer wants me to unregister from Blue Security's site, but at the same
  • by nblender (741424) on Thursday May 04, 2006 @03:04PM (#15264715)
    I don't associate spammers with the sort of people who have brains. This means that the spammers are hiring brains (not that it takes much brainpower to write php but I digress)... The sort of brains they'd hire are probably slashdot geeks....

    So which of you scumbags is responsible for this.

Philogyny recapitulates erogeny; erogeny recapitulates philogyny.

Working...