Lycos denies attack on zombie army

The company said that email reports that contained an apparent mirror image of the Web site when it was hacked were a hoax generated by the spammers.

"This is a hoax," said Malte Pollmann, director of communication services for Lycos. "We have obviously reached our goal and are getting to the spammers. On our servers we don’t have any logs of an attack. No one was able to verify that. I wouldn't be surprised if [the screensaver] causes this in the future. We have a couple of port scans, but that's normal."

The Web site was reported to have been inaccessible for some time last night and an email was sent to security company F-Secure with what appeared to be a mirror image of a defacement of the site that read:

"Yes, attacking spammers is wrong. You know this, you shouldn't be doing it. Your IP address and request have been logged and will be reported to your ISP for further action."

Lycos launched its 'make love not spam' campaign, which offers users a screensaver that helps to launch distributed denial-of-service (DDoS) attacks on spammers' Web sites, on Monday. The company said the screensaver uses the idle processing power of a computer to slow down the response times from spammers' Web sites -- much in the same way spammers use compromised PCs to distribute unsolicited email messages.

But Lycos also denied it was using denial-of-service attacks.

"I have to be very clear that it's not a denial-of-service attack," said Pollmann. "We slow the remaining bandwidth to 5 percent. It wouldn't be in our interests to [carry out DoS attacks]. It is to increase the cost of spamming. We have an interest to make this, economically, not more attractive."

Head of international spam fighting organisation Spamhaus Steve Linford said that by attacking spammer bandwidth, Lycos could inevitably be attacking innocent users' bandwidth too.

But Pollmann sidestepped the question of doing this: "We want to hit targeted bandwidth. We are selecting spammers form blacklists. We verify every address. Professional spammers run on very dedicated media."

Finnish antivirus firm F-Secure yesterday warned users not to participate in Lycos' campaign because it might involve "possible legal problems".

• Related stories

• Alerts

Add your opinion

1. But fact is the screen saver still doesn't work again and the web site is still unreachable... Anonymous -- 02/12/04

   But fact is the screen saver still doesn't work again and the web site is still unreachable...

   • Reply to comment
   • Reply to story
   • Report offensive content

2. This wasn't a hoax. They also weren't hacked. If the packets heading for the Lycos Bot controller tranisted AS701, that's the response they got. What's happening is that ISP's are blackholing the controllers. We've proved the clients are useless Anonymous -- 02/12/04

   This wasn't a hoax. They also weren't hacked. If the packets heading for the Lycos Bot controller tranisted AS701, that's the response they got.
   
   What's happening is that ISP's are blackholing the controllers. We've proved the clients are useless without being able to chat with the controlling servers. If those servers are filtered off the net, the clients are effectively dead.
   
   I predict we'll see the end of Lycos spam dos tool by weeks end.

   • Reply to comment
   • Reply to story
   • Report offensive content

• Just In

• Most Popular

• Most Discussed

Reader Services

Popular Topics

Essentials