Anti-spam advocate succumbs to spammer

By Greg Sandoval, CNET News.com

18 May 2006 11:59 AM

Tags: blue security, eran reshef, attack, ddos, threat, anti-spam, antispam, anti spam

A prominent crusader against unsolicited e-mail ads withdrew from an escalating cyberwar with spammers on Wednesday after his Web site and numerous others came under a massive retaliatory attack.

Blue Security, a company that provided anti-spam software and was widely praised for orchestrating a kind of do-it-yourself campaign to spam spammers, has "ceased all anti-spam operations," said Sandra Fathi, a spokeswoman for the company.

The surrender comes after the company's Web site, along with those of many of its partners, were hobbled by a denial-of-service attack earlier this month. The DoS attack, which used thousands of commandeered computers to overload the sites' servers with traffic, is believed to have originated with one Russia-based spammer, Fathi said.

The brazen show of power by the spammer is reflective of the defiant nature of these kinds of rogue advertisers. Almost as old as the Internet, unsolicited e-mail continues to swamp e-mail in-boxes and to clog servers, even as law enforcement agencies and regulatory bodies have tried to stop the practice.

Eran Reshef, Blue Security's CEO, thought he had the answer. He encouraged half a million of the company's customers to send replies to the spam they received. The combined traffic overloaded the spammers' servers and crippled their ability to send e-mails. This resulted in some well-known spam companies agreeing to stop e-mailing Blue Security's customers.

Blue Security's triumph was short-lived. Instead of capitulating, one spammer launched a denial-of-service attack earlier this month. According to security Web site SecurityFocus, the attacks overwhelmed several Web sites and Internet service providers. The spammer then threatened Blue Security.

The company could either shut down or the next attack would include a computer virus.

With innocent companies and Internet users potentially at risk, Reshef had no choice but to yield to the demands, Fathi said.

"The company is unable to fight this battle on its own," Fathi said. "This (spammer) has shown that he's willing to harm hundreds of innocent bystanders...(Reshef) didn't want to take the risk that these other businesses would come under attack."

Blue Security is now trying to determine whether there are other uses for its anti-spam technology, she said.

Talkback (5)
Print
E-mail
Share
- del.icio.us
- Digg
- Reddit
- Slashdot
- StumbleUpon

Talkback 5 comments

Add your opinion

Disgusted fed up -- 18/05/06 (in reply to #120134544)

I am really astonished that will all the power, "intelligence" and technology that countries like USA claim to have, extorters like this spammer are not stopped, even caught.
Even rogue bot machines still have to be given orders to spam leaving traceable backward communications logs.
Capture a few bots, work back from there.

Its just either a testimony to corruption or sheer laziness that Agencies and ISP's can't put a stop to blantant attacks like this.
If its politics. Work it freaking out. Just do it.
What ... not enough money in it for them yet.

Disgusting.

There's your "cyberterrorism" Craig Ringer -- 18/05/06

The Americans are constantly sqawking about cyberterrorism. Well, there's your cyberterrorism right here - a russian spammer crippling companies, customers and ISPs with illegal attacks to protect his (almost certainly illegal) spam business.

What're they going to do about it, with all this "cyberterrorism readyness" stuff? Nothing, I'm sure.

Well said, Craig Eldon Rosenberg -- 19/05/06 (in reply to #120134550)

I suppose the cyberterrorism readiness stuff is only going to be put to work when there's an obvious attack or threat against countries or political organisations.

I wonder if Bluesecurity have tried reporting the incident(s) as criminal activity to any of the available law enforcement organisations? eg. see www.ic3.gov. And if they have, is anything happening? I can't imagine that they haven't reported it, actually, since they have been in the business of reporting the spamming (and fraud) activity forwarded to their servers by the bluesecurity community... Maybe there is actually a hot chase happening right now but it's not public, in order to retain a surprise element and / or gather more data before the spammer(s) start running / lying low?

...or should I not be talking about this in case it's true? (I hope it is!) :-)

Don't give in... Damian S -- 18/05/06

"For evil to prosper, all it takes is for good men to do nothing."

By giving in to these demands, all that has happened is to let the spammers know that if they threaten enough (damage), they will get what they want (anti-spam companies to back down)...