Slashdot Mirror
Bringing Down A Copycat Site
Nigel Cross wrote in with an interesting story from the world of software fraud. Cross writes "I found a copycat site fraudulently selling my own software and kept a record of the steps it took to bring him down."
← Back to Stories (view on slashdot.org)
Step one: Find out name of evil twin from mother.
From article:
:-P
> Dec. 24, 2005: I received an e-mail from
Now, how did you know that?
Connection closed by foreign host.
Dec. 24, 2005: I received an e-mail from a former colleague...
Talk about the mysterious future!
"Come on, let's go drink till we can't feel feelings anymore."
That's the solution to everything: /. it!
Think about it... Just post a link to that site saying that it's a fake, and just watch as it takes a slashdotting.
Now THAT'S how a nerd kicks some butt!
I know that a lot of people are going to compare this with suprnova/etc to support their stance on copyright law. Rather than take a side right now I would just like to point out that this is not just simple copyright violation. The site in question was also committing fraud and trademark violation, both of which are separate issues in addition to the copyright violation.
Awesome! Great work on taking the copycat's site down. There are way too many punks on the internet these days that will stoop to massive lows just to make a buck or two, it's pure garbage. I have many ideas always in the mix and I dare tell a couple people about them before the official release date - I've been ripped off by people before like this.
sadly, you know as well as I, it won't be long before your copycat starts up on a new hosting server and does the exact thing again.
Valkyrie is about to die! Wizard needs food -- badly!
Do you have any idea how much time and money it costs to sue? Sure, legal action would've fixed this mess in a jiffy, but then he'd be out thousands of dollars and hundreds of hours of wasted time before it was over.
To bad the hosting provider didn't take his complaint seriously. This guy can just pick the next company and start all over again.
I've heard here that people trying to protect their IP should just give up on their quaint old ways of doing business.
http://216.239.63.104/search?q=cache:Fuwwkr0yD5gJ: www.e-buyonline.com/
Google cache
Maybe, but from what I can tell it doesn't actually get supplied with any email addresses - it's just a mailing list utility program (which looks pretty good, actually), with hundreds of legitimate uses.
That said, some of the tools the software provides do look like being tailored towards the bulk advertising market...but they too also have some legitimate use...
Good luck buddy.
I will give him the benifit of the doubt though. Even if i get flamed for it.
Yes his software does make it easy to send email messages to alot of people, but there are uses other than spam for that. Not everyone knows how to use or knows about open source mailing list software. For novices, guis are good.
Just browsing his site and forums, it doesnt appear that he intents this software to be used by spammers. Though the name really sucks.
Used by spammers? maybe.. but i dont think it would give you great performance as other software will.
In America we are imprisoned by our fear of them.
For the record MailList King is more about managing a mailing list (handling subscribes, unsubscribes, bounces, double opt-in requests) rather than a bulk mail sender. Sure, like any e-mail software that can handle a lot of addresses it _can_ be used for spamming, but we deliberately do not add the tools that spammers like (random word insertion, obfuscation of headers, etc) so in that respect MailList King is not really spam software.
Nigel Cross
- chainsaws are used by serial killers?
- binoculars are used by stalkers?
- cars are used for drive-by shootings?
The fact that some products can be used for illegal purposes doesn't make producing the products wrong.
Every website wich collects e-mail adresses (so that's pretty much *every* website) has need for a tool to maintain their mailing list.
Oops, i was getting ahead of myself. I will correct that momentarily...
I'm thinking Nigel hasn't won yet.
http://www.e-buyonline.com/
Defecation occurs.
So, it's ok for KaZaA/BitTorrent/P2P as they have legitimate uses, even if they are used mostly for copyright violation, but it's not ok for this guy as it could be used for spam?
Give us a break. Can't have it both ways. The guy is just trying to make a living. If someone uses it to send spam, it's THEM that are at fault, not the writer of the software.
It's the same as guns don't kill people, people kill people.
This idea was invented by Shampoo.
He didn't write those. Take a look at his site. Only MailListKing belongs to him. All the other software was only advertised on the fake fraudulent site. Jees... lay off the poor guy and rtfws...
--jeff++
ipv6 is my vpn
It looks like his pirater just changed the name and icon of the software. www.ebuy-online.com now has a program called Maillist Pro with a different icon but the exact same key features (minus extraneous whitespace) and a description that only differs in that the word King doesn't appear.
Check it out:
http://www.e-buyonline.com/maillist.php
Totally dude. I mean, I can't believe Majordomo and Mailman are still being peddled. They should be the subject of much vitriol.
i mean his product is called "maillist king", right?
/didn't rtfa
well, sign the copycat loser up to every known source of spam in the universe, as befitting the skills of someone whose product is called "maillist king"
and then watch the copycat's server melt
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Just browsing his site and forums, it doesnt appear that he intents this software to be used by spammers. Though the name really sucks.
Agreed. This guy deserves the benifit of the doubt on this one.
If you take a look at his other software it is clear that his business is not spam-centric.
Maillist King is no "SpamShoveler 3000" either, as it doesn't have many of the features that I see in the spam I have been regularly receiving.
Also, there are legitimate businesses that send out mailings to customers. There are a couple that I don't mind receiving that tells me about new stuff on the shelves.
So the criticisms are not justified IMHO.
Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
Look at the guy's site before you spout off. He has a lot of other software, most of it related to graphics. And MailList, like any mailing software, could be used for spamming, but its features seem more designed for (legit) mailings, discussion lists, etc. I don't think it has stealth features, to hide the sender, add chaff to confuse filters, and other such that would mark it as evil by design.
Is this karma? Well, maybe so. But two wrongs don't make a right. The proper way of dealing with this guy - if his program really is intended to aid spammers - is to make his software illegal or, better yet, convince him to stop writing and selling it. And even then, stealing and reselling the program is hardly an effective vigilante response!
You should NOT have stopped at the pulling of your gear.
Send all the emails to the admin at the host.
Do not give this bastard an even break. He obviously will not give others a break.
"Consider how lucky you are that life has been good to you so far. Alternatively, if life hasn't been good to you so far
I'm curious, he sent some mails and ended up with a smartass reply from the copycat who promised to remove the software.
...
A few days later the software is up on the site again
How is that "Bringing down a copycat site" ????
Wheres the screenshots of a hacked and defaced Copycat website?
Wheres the sentence from the judge putting Mr Copycat behind bars?
Wheres the info about the other 5 sites that went down at the same time?
Nobody has brought down anything yet, except maybe some laughter that can be heard all the way from Pakistan.
It is possible to send Spam using an MTA of your choice and a small shell script, do you also think that there are just a few situations where a shell and an MTA might be used for legitimate purposes?
Bullshit or not he is getting a free ad and I'd bet that that fact did not go unnoticed by him before he decided to post it. A pretty damm good free ad to if you consider the hits/clickthroughs I'm sure it will get. There's gotta be a least a few people who still RTFA.
MailList King is a piece of mailing list software, you know, the kind where you can set up a mailing list for discussion, or use it to send information to your customers. He explains it clearly on his site! Sure, you can probably use it for spam, but that's not the author's fault is it? If MailList King is spamming software, then GNU Mailman from GNU.ORG is too. Can you all see how ridiculous all this spam talk sounds?
If you people had actually bothered to visit the page and read the text, you would have known that the screenshot is of the scammer's site. Yes, those bulk e-mail programs, e-mail addresses for sale, and so on, are all completely unrelated to the author of MailList King software, apart from his program and the content of his site being ripped off by a spammer/scammer (it seems that the scammer has just renamed the software, but he still has the text from the actuall MailList King page on his site).
As far as I can tell, all the evidence so far clearly shows that the MailList King author is not a spammer or involved in such activities. Until someone posts evidence to the contrary, I suggest that you all stop shouting about spammers when the only spammer here is the guy who ripped off Xecute's software. Seriously, people.
One thing I'm disappointed about, though, is that he didn't follow up on this. The site clearly belongs to a spammer, and he rips off other people's sites and software, making money from spamming and scamming. As mentioned above, he simply renamed the mailing list software, but the product page on the scammer's site still shows text taken directly from the original page.
I would have hoped that this spammer/scammer could have been nailed down and kicked off the 'net. Perhaps someone else can pick it up from here and track down the scammer to put an end to his online adventure?
Clever signature text goes here.
When I read the article write-up, I just assumed I was in for some great tale of some peice of scum getting fscked. This was as mundane as going to see a batman movie and batman handles the final foe by calling his mom names.
"A man is but the product of his thoughts what he thinks, he becomes." -Mahatma Gandhi
Mailing lists are useful to:
-clubs
-websites with subscriptions
-charities
-schools
-businesses
-newsletters
-friends
and all of these are legitimate uses. I am not denying that spammers use these tools as well, but far more legitimate users use bulk mailing programs (think of the tens of thousands of clubs, websites, charities etc who use them) than spammers. Spammers may generate more email, I agree. But there are more legitimate mailing lists than spammers.
P2P, as I understand it, uses over 50% of the traffic on the internet (random source from google search), so I think it could be said it does a lot more damage to the internet through being a bandwidth hog.
Don't get me wrong, spam is a royal pain in the arse. But the guy has done nothing wrong. And the fact that his software is a useful tool for a few spammers doesn't change the fact that most users are likely to be using it for legitimate purposes. Most spam is sent from Windows computers. Most windows computers are not used for spam. The developers of windows are not at fault for the other uses their software is used for (like running 3rd party spam apps).
What you are saying is that Microsoft should stop complaining about pirated software because they are responsible for most spam, so the sell software to exactly the sort of people who pirate their software.
This idea was invented by Shampoo.
RTFA. The copycat only copied Maillist King which is a mailing list management package not a mass mailer. He abused the images for other software by applying them to spam tools. The rest was not software or any other tools from the original site. So the copycat is the one with the spamsoftware.
"Give us a break. Can't have it both ways. The guy is just trying to make a living. If someone uses it to send spam, it's THEM that are at fault, not the writer of the software."
/. - it will be easier to think of it this way...
Welcome to
* If breaking the law helps me get free stuff (piracy) or hurts Microsoft somehow then it is not only OK, but moral.
* If breaking the law might cause me some distress (stealing my logo, sending me spam) then that is evil and bad.
Got it?
--> Fight tyranny and repression.... read
Leaving aside the question of whether or not MK itself is a spamtool, was it really smart to post the steps that led to resolution? Nothing really forced this person to stop his actions; it was just threats with no guaranteed teeth, as the posting now explains to him. So why wouldn't he now just put the site back up, knowing that the threat was potentially empty?
Maybe the Pak site would have objected to his forged email, but maybe they don't care a bit - the article certainly makes it sound like Nigel was about to give up in frustration. Now the copycat site knows that..
-- Tony Lawrence
if this scammers site suddenly got knocked off the face of the internet by thousands of large UDP packets?
"It is not how things are in the world that is mystical, but that it exists." -Ludwig Wittgenstein
Forward a pointer to the bogus site to Microsoft's legal department. Notice the name? Notice the font used? Doesn't it look like it's designed to resemble Microsoft's logo? This is precisely the type of thing Microsoft Legal prosecutes with a vengeance.
Hey, just because you hate Microsoft doesn't mean you can't use them to your advantage occasionally...
Well goto here and all he did was change th icons and the names a little. Match the previous link with the one in the article.
This SIG pulled due to lack of funding. (This damn war is costing too much!)
Within minutes I received the following:
okey I had remove the logo and the software completely.
And with that single line I had won. I checked his site and all references to our software were gone.
Boy that really showed him! I'm sorry but I don't think emailing someone and asking them to remove the software "otherwise you will complain to the hosting company" quite constitutes the phrase "steps it took to bring him down". I was hoping for a story of how you chartered a private bounty hunting squad of ex-navy SEALs and pursued him through the jungle while your software was tied to a site under threat of being sold - hell it would have been nice if he'd been sued for $50 but asking him to remove it? Come on - more like "steps it took to send an email asking him to remove it" may be more appropriate!
Make the bastards suffer!
For those interested, yes, Xequte is the real developer. I went to the websites that gave the awards (which both the real and fake pages have the logos for). I had to Google for some of them.
WebAttack.com
TopShareware
Shareware River
The File Transit
Those four pages link to Xequte's website, not the fake one..
Nigel: I don't know if the original story was dealing with "e-buyonline.com", as someone on slashdot already pointed out it appears they just changed the name of your software and altered your logo (if at all):
"http://www.e-buyonline.com/purchase.php"
Some interesting things I've noticed about the domain:
Name: e-buyonline.com [67.18.82.84]
Aliases: www.e-buyonline.com
root@argc:~> g 67.18.82.84 | m
[whois.geektools.com]
OrgName: ThePlanet.com Internet Services, Inc.
Address: 1333 North Stemmons Freeway
Address: Suite 110, Dallas, TX 75207
Phone: 214-782-7800, Fax: 214-782-7801
Inverse DNS: welcome.topakistan.com [67.18.82.84]
ToPakistan.com Registrant Contact:
Welcome.ToPakistan.com
Khalil Ahmad (khalil@paksys.com)
+92.427596659 , Fax: +92.427583039
6-L, 73 Business Center, Shadman
Lahore, PUNJAB 54000 PK
I take it that's where your pak***.net (and also paksys.com is the same company, maps to the same IP address and WHOIS registration data)
WHOIS Administrative Contact:
Ahmad, Khalil khalil@paksys.com
116 Salem Road, North Brunswick, NJ 08902
732-297-8908, Fax: 732-297-8906
They are a U.S. company. The phone number confirms they are paksys software, also a gander at their website shows the same address and phone number. Calling the New Jersey phone number reveals someone with a thick Arab accent announcing "you have reached paksys software..."
They are located INSIDE the U.S., telco exchange shows that prefix (732-297) to be in Franklin Park, NJ.
Their hosting website also shows the same information, their "U.S." address available for visits by appointment only (could be a residence)
https://www.pakhost.com/?sect=0&subsect=40
The State of New Jersey will sell you the company filing information for a nominal fee, it looks like PAK SYS SOFTWARE is listed, their file # is
ID: 0400053874, go to the State of NJ's Business Entity search at
https://accessnet.state.nj.us/GatewayWatchNameS
Start with filing a complaint with the New Jersey state attorney general, this could get you some type of response (though I noticed you're
in New Zealand.
http://www.state.nj.us/lps/
Consumer Complaint form:
http://www.state.nj.us/lps/ca/ocp/ocpform.htm
Franklin Park, NJ is in Somerset county, start at:
http://www.co.somerset.nj.us/
It's true no man is an island, but if you take a bunch of dead guys and tie 'em together, they make a good raft.
I'm against the whole copycat website business and the guy selling the software seemed like a real jerk. But if you ask me that software really looked like spam software.
I downloaded the software just for kicks and there's an option that lets you mask you real name and e-mail. Gee all we need is mailing software that will automatically fake parts your header info.
e-Campaign
Note how e-buyonline has also ripped the menu from lmhsoft.com.
He didn't get damages or an injunction (or the equivalent in Pakistan). If we had better international and national laws for this kind of thing he would have been compensated by the crook for the time he put in dealing with this not to mention get an injunction against this behavior if the obviously immature crook decided to change his mind.
There is in mailman too... is that suppposed to be spam software?
Sometimes mailing lists need to be anonymous.
This happened to Tony Arts - only worse - his domain was ripped away from him, and then whoever done it started charging for his free[ware] software!! (and he codes some good stuff - I used to use a few in my winders days)
t m
:-(
The 'Official' Toni Arts page now:
http://personal.inet.fi/business/toniarts/index.h
and the unofficial 'ripped off' one:
http://www.toniarts.com/
If ever a site needs removing, it's that one
Account Suspended Temporarily Due to AUP Violation
Please contact abuse@pakhost.com for any questions.
Thank you for your cooperation!
Best Regards,
PakHost.com
it works;)
Have you considered changing its name? If for most people a name like "MailList King" sounds like an evil spammer's tool (it does for me, that was my first impression) maybe it's time to change that name. You know, if you want your product to be successful, you should pay attention to marketing issues.
Fh
From the product page: "Discussion Groups: Optionally allow your group members to send to your mailing list"
Clever signature text goes here.
one would be no better than.... I don't know.... SCO.
Someone was just compared to SCO. Next thread!
Dude. RTFA. Pakistan. :-)
My project TuxMobil: Linux with Laptops, Notebooks, PDAs, Mobile Phones and Portable Computers has been under the attack of content thieves some times. Therefore I have decided to sign all my pages with a steganographic watermark. Also I often watch out for stolen content using a special search engine, e.g. CopyScape. In case I detect a fraudulent site, I contact the FBI to Report Internet Fraud and the FTC's Consumer Complaints site (this applies only if the thief is located in the U.S.). And I complain to the thief's ISP.
- Immediately(!) purchase the stolen software, using a Mastercard or Visa. The resulting download is evidence, and the purchase itself will be used later. Make every effort to identify who (URL, domain name, contact info, company name, etc.) is actually processing this credit card transaction (hint: it's usually not the kid in Pakistan).
- Notify the contact info of the domain of the infringement. Use a DMCA-compliant notification.
- Notify the next upstream ISP of that domain of same.
- Notify the domain's registrar. Some have TOS which forbid illegal activity.
- Is the bad guy still up? Then start notifying the credit card processor that they have participated in a sale of stolen goods. Use a letter that calmly documents the date of purchase, how you identified the download as a stolen copy of your software, etc.
- When your credit card bill arrives, follow the instructions on the back of the bill to contest that purchase. Inform the credit card company of everything that's happened, including dates and times and copies of correspondence
- Join the ASP. It's a chance to notify fellow software producers that their software is being ripped off along with yours (and increase the pressure on a particular pirate site). It's also a way of supporting an organization that works to support your right to make a living selling software.
The linchpin in this effort is credit card processing. I don't care if you live on a small island that you rule yourself, if you take Mastercard/Visa transactions, you rely on American companies and American law. These giant companies grant smaller companies the right to parcel out merchant accounts, and they can cause non-trivial financial pain for merchant accounts that generate too many complaints for them.The wheels of the law can take much time to grind to a conclusion, and not always in your favor. Visa/Mastercard can issue a $20,000 fine in a much shorter time, and they don't have to consult a jury.
In the Wild West of Internet fraud that involves money flow, Mastercard/Visa is judge, jury, and executioner. Most victims simply don't know enough to bring their case to them, or the amount of fraud would be dropping.
...or a master flamebaiter
Yeah, but how can you defend a guy that got burned by the same type of people that he caters his software for? He knew what he was getting himself into.
The guy sells mail list management software. He is nothing LIKE the people who burned him. He is no different than Brent Chapman (creator of MajorDomo) except for the fact that the latter made his product community supported, Free Software. What's next, are you gona slag Apache because is it by far the most popular HTTP server used by fraudulent websites?
This frauster "Mohammed" is the lowest form of slimeball life. He wasn't just another spammer or BitTorrent pirate:
* He not only pirated the software, he did it with the intention to resell the pirated copies for a profit.
* He misrepresented himself as the creator of the software.
* He had an online shopping site that accepted credit cards--given his behaviour he intended to use those card numbers fraudulently
* He attempted extortion (demanding money, credit card numbers, etc for removal of the fraudulent site)
The author of the article succeeded in getting the site taken down, but if he hasn't done so yet, I believe he has an obligation to report "Mohammed's" activities to the authorities, as his behaviour is seriously illegal.
P2P apps may have perceived damages to a few large corporations, but they do not affect every single used of the internet like spam.
That is an absoulutely false and stupid statement. P2P is JUST LIKE email in terms of impact on network infrasutructure: used properly it is fine, but when abused it can cripple a network. At the height of the old Napster it slowed the sustained throughput of local cable ISP customers very noticeably. It is the chief reason for slowdowns on campus networks as well--in fact in some cases abuse of P2P apps is the chief reason for implementing bandwidth caps. I personally know of one remote site with internet connectivity provided by a sattelite uplink that racked up THOUSANDS of dollars in one months of fees because of a SINGLE KAZAA USER that shared all her music and lef thte PC on 24/7. As a result P2P was banned entirely. Incidentally, that same site had a Win2K box compromised and used to deliver spam, and it actually had LESS IMPACT on network performance than the P2P software did.
Today we have this story where someone was selling pirated software taking credit from the creator, but because this wasn't some giant software company overwhelming there are modded responses about "way to go", "stick it to 'em", etc. etc.
My questions is what is the difference between yesterday and today? Both folks committed copyright, trademark, and fraud, but because its the work of some smaller outfit it is more of an evil than the same thing happening to "Evil giant corperations"?
Piracy is theft. Fraud is Fraud. Infrigement is Infrigement. End of story. It doesn't matter if its small guy or giant huge megacorp.
I hope that the creator(s) of this program nail this guy and take 'em to the cleaners. Its times like these that lawyers are not an evil word and lawsuits in federal court aren't either.
"The problem with socialism is eventually you run out of other people's money" - Thatcher.
* If breaking the law helps me get free stuff (piracy) or hurts Microsoft somehow then it is not only OK, but moral.
* If breaking the law might cause me some distress (stealing my logo, sending me spam) then that is evil and bad.
Oh ho! I agree! The law is the ultimate basis for morality! I also enjoy evening programming on the Fox station and I use AOL.
My Greatest Heist - Muisc partly inspired by the unbeatable Qwantz
MailList King, like all of the products, was created because i personally had a need to manage the people who were asking to be contacted about new releases of our software (most of our software is viewers and slideshow tools).
Presently our site is bobbing on and off line due to the hits from slashdot, but hopefully this will subside before too long and I can get back to what i do (making shareware).
The fraudulent site in question is now down, due to the efforts of slashdot readers. We are still getting abusive e-mails and threats from him (in fact i see he has even posted to this board), but I expect that too will pass.
Regards
Nigel Cross
Xequte Software
www.xequte.com