Slashdot Mirror

← Back to Stories (view on slashdot.org)

Artists Against 419 Releases Mugu Marauder

Posted by timothy on from the satisfying-anwers dept.

An anonymous reader writes "Similar in scope to the (now defunct) screensaver created by Lycos that targeted spam sites, the newly-released Mugu Marauder is intended to take fraudulent bank sites off the air by sponging up their bandwidth. Mugu Marauder can be downloaded at www.aa419.org/mm/ It's currently only available for Windows, though a Linux port is allegedly in the works."

25 of 222 comments (clear)

  1. FP by michaelhood · · Score: 5, Insightful

    Beware of getting slammed by your ISP with a "friendly" letter, after consuming tons of bandwidth using something like this.

    1. Re:FP by Anonymous Coward · · Score: 3, Insightful

      Great, instead of contacting the hosting companies involved we DDOS them. Most scammers use shared hosting (usually signing up with a fraudulent credit card) and hence any such attacks can affect the whole server taking out hundreds of web sites, and even a whole subnet if network traffic is high too.

    2. Re:FP by andynz · · Score: 3, Insightful

      A lot of the 419 sites use cheap or free hosting services. The goal of these tools is to exceed the allocated bandwith of the site, and possibly to make the hosting companies take notice. Every site targeted has already been brought to the attention of the hosting companies involved. If they cannot be bothered doing anything about it they should be prepared for the consequences.

  2. Yay (*sigh*) by n0dalus · · Score: 5, Insightful

    Once these sites get hit they redirect the dns towards legitamate services and change addresses.
    So this will probably just end up DDoS'ing the real banks instead of the fake ones, these fake banks move around a lot and create extra damage in their wake as a result of something like this.
    Fighting fire with fire just doesn't work like it should.

  3. another dumb idea by RMH101 · · Score: 4, Insightful

    Just like the Lycos screensaver that strangled spammer's bandwidth by not-quite-DDOS-ing them, this is a stupid idea. Legally you'd be opening yourself up to all kind of problems running this kind of thing: ISPs don't tend to take to kindly to this sort of denial of service attack.
    It's not sexy, or headline-grabbing, but the correct way to go about this is the same as it's always been: go after the ISPs to pull their accounts. If they're RFC-ignorant, add their IP blocks to the usual blacklists until they comply or are connected to an intranet.

    1. Re:another dumb idea by StillNeedMoreCoffee · · Score: 2, Insightful

      Well bandwidth on the internet is an issue. Using it up for this type of "operation" is stealing bandwidth from everyone else. Then there is always the problem with trusting that your code does what you say and that all the sites targeted are ones that are evil.

      Who makes that choice? Do the sites have any recourse to appeal if you make a wrong decision?

      Is the code which turns someones PC into your Zombie ever at risk of your benevolent control being taken over by someone else, or someone in your group with their own hidden agenda?

      Sound like a risk on many levels. And I personally don't think this is the way to take matters into someone other than mines own hands. Good intent these sites are bad, but wrong method on so many levels.

    2. Re:another dumb idea by fatcatman · · Score: 2, Insightful

      Using it up for this type of "operation" is stealing bandwidth from everyone else.

      Cry me a river. Better to "steal bandwidth" if we can stop these crooks from stealing real money from people. Wouldn't you put up with a slightly slower connection for a few hours if it meant a few thousand people didn't get screwed out of real money? If not, then you're a selfish ass.

    3. Re:another dumb idea by mrbuttboy · · Score: 2, Insightful

      There is much flawed logic in your post and some very valid logic too,but talking about what we agree on isn't interesting. :) Most of it has to do with scale, the likely impact on people,the net,companies,etc. Also, it is very easy to insert pejorative terms like vigilaneism and terrorism however it doesnt help you arguments logic.

      Regardless thou,even if every point you were spot on the wouldn't mean it was a mistake to try this. It may be very comforting that you have all the answer to all the issues regarding this but the rest of us DON'T.

      The courts make mistake. Priest make mistakes. Lord knows algorithms make mistakes. This is the net trying to find a way to deal with a problem. If you are correct then the behavior will limit itself because it doesn't work. If it does work, really work, then it BY DEFINITION is not causing a problem. There might be some pain for some people but that is what life is about.

      The simple answer of just waiting for a perfect solution is never going to happen. This means that less then perfect solutions will be tried and will fail. This maybe the wrong way to fix it. Your solution maybe wrong. They likely both are. Whatever the case, the more things that are tried the better the chance of finding one that works good enough.

      since you end with a shallow quote, allow me to return the favor

      All that is necessary for evil to triumph is that good men do nothing

      --
      What do you say to the man that has nothing? Cast it away!!
  4. Linux/unix version by CvD · · Score: 4, Insightful
    Copy & paste the sites that are listed on the front page of the link in the article into a file called sites.txt, each on one line, and then run the following command:
    while true; do wget -q -i sites.txt --delete-after ; done
    A daemonized version shouldn't be that hard to write, just have it parse the URLs on the front page out every day, and re-run wget on the new list.

    Happy marauding...
    --
    The Official Steve Ballmer Webpage
  5. Gee, thats great by gowen · · Score: 5, Insightful

    Vigilante justive via DDOS. Well, that won't set a horrible precedent for people knobbling the web site's of those they don't like. Who's next? Radical pro-life groups DDOS'ing websites with abortion information?

    (Yes, I know this has a slippery-slope element to it, but there are plenty of activist groups out there willing to be vigilantes, because they believe their actions to be either unambiguously moral, or divinely inspired.)

    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
    1. Re:Gee, thats great by gowen · · Score: 4, Insightful

      Or that. It was an example, not and exhaustive list. Would you like me to have enumerate *every* possible example?

      In short, I'm merely pointing out that accepting certain types of anti-social, vigilante behaviour (DDOS) *only* because we belive in their cause (hurting scammers) leads us very difficult moral ground when people with whom one does not agree use the same tactics.

      --
      Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
  6. Think about it. by Sheetrock · · Score: 4, Insightful
    One successful 419 scam (where they soak some victim for hundreds of thousands of dollars) will pay quite handily for one of these fake websites, DoS or no DoS.

    On the other hand, the rest of us pay thrice: once for the victimization of regular people not yet wise to this game, once for the waste of bandwidth because of the huge amount of spam being sent out for this scam, and now once for do-gooders pumping loads of worthless data back through our shared Internet at these websites, which are replaced faster than they go down.

    On the surface it looks like a good idea, but it's just adding to the damage like all these other vigilante anti-spam tactics. A better technical solution already exists; switch from e-mail to instant messaging within a company and save all your instant messages.

    --

    Try not. Do or do not, there is no try.
    -- Dr. Spock, stardate 2822-3.




    1. Re:Think about it. by macshit · · Score: 4, Insightful

      A better technical solution already exists; switch from e-mail to instant messaging within a company and save all your instant messages.

      You've got to be kidding...

      That's like switching to pogo sticks because you're afraid of car-jacking.

      How about instead: (1) use less brain-dead mail clients, and (2) educate your employees so they're not (quite) so brain-dead themselves. The advantage of being a company is that you can actually do these sorts of things.

      [I know, I know, some companies demand brain-death. I suppose it's pogo sticks for them.]

      --
      We live, as we dream -- alone....
  7. Is this by Anonymous Coward · · Score: 2, Insightful

    legal?

    1. Re:Is this by DaHat · · Score: 4, Insightful

      Probably not.

      It's kinda like stealing pot from a dealer, chances are, he's not going to report the theft.

      Regardless of what is worse, 419ing of DoSing, both are bad and both are illegal, and just like copyright infringement on P2P, people will try to justify it "it's not like I am going to pay for it anyway" and "they already have enough money".

      --
      Help Brendan pay off his student loans
  8. Leave well alone by mattbee · · Score: 4, Insightful

    I don't care who you're or how pretty the screensaver, just don't download programs for network abuse like this and expect your ISP to take it lightly. If you really want to take action against a phising site, call the ISP hosting it and complain to them. Same principle, less innocent parties affected along the way. If you don't get a response from that ISP, call the ISP further upstream... this is how we deal with network abuse; it's slow but it's legal, and it works.

    --
    Matthew @ Bytemark Hosting
    1. Re:Leave well alone by Pastis · · Score: 3, Insightful

      I've just done it yesterday and they closed the account within minutes.

      See here: http://support.beamhost.co.uk/helpdesk/view.php?ti cketid=6360&auth=8f64e9b4

      The site is probably going to reopen somewhere else. But I've probably spent less time than it takes for them to reopen it.

      What's needed is a program that automates that.
      You feed it an URL and the program automatically search for a contact email (e.g. abuse@) and prepares an email for you to send.

      Then as most phishing sites are introduced by spam emails, the process could be automatized further.

      Just process the mail. The phishing site is found, and the email server (probably an cracked/virused/wormed machine) is identified and the ISP of that machine is identified as well.

      Shouldn't be hard to do...

      Can be done by a central server or on the mail client. The phishing detection is already there in Thunderbird. Just need to use it to report it. Otherwise let's do that centrally, which has the benefit of having a single code base for the processing.

      Free Software should be there to show the way. Who said we cannot innovate?

      --
      Sneak teach kids Algebra using a game
  9. I disagree, It's actually a good idea by Anonymous Coward · · Score: 2, Insightful

    Most scammers use shared hosting (usually signing up with a fraudulent credit card) and hence any such attacks can affect the whole server taking out hundreds of web sites

    That's a bonus!!!! If those affected website owners complain enough then the ISP will pull the offender!

  10. This is just an insanely stupid idea by October_30th · · Score: 3, Insightful
    Similar in scope to the (now defunct) screensaver created by Lycos that targeted spam sites

    And will probably work just as well... vigilante justice never works and should not be tolerated.

    --
    The owls are not what they seem
    1. Re:This is just an insanely stupid idea by October_30th · · Score: 2, Insightful
      Not until such punitive action has a basis in the law which, in turn, are set by your national, democratically elected body.

      What you're referring to is the tyranny of the majority. In a representative democracy even the majority can't dictate all the rules - and that's a very good thing.

      --
      The owls are not what they seem
  11. Please somebody DDoS them. by Kickasso · · Score: 5, Insightful

    aa419.org, that is. They apparently think it's legal and acceptable, so they won't complain.

  12. Block list by blackest_k · · Score: 4, Insightful

    It makes far more sense for a centralised block list, regularly updated, hosted by a reputible body.

    A small change in functionality to your web browser so that when you attempt to connect to a site on your blocklist. your browser informs you and the reason why and then asks you if you want to proceed anyway.

    its a much more economic use of resources and could be added to by local police agencys as victims become known or perhaps a phishing notify button added to our browsers.

    when we wander upon a site thats dodgy that url can be passed on to the hosts of the blocking lists, a site would be verified to prevent malicious use and if checked out as being ok, it wouldnt be reexamined till a certain number of other referals took place.

    No waste of bandwidth, no denial of service attack on any site just a hazard warning in your browser that the site may be harmful.

    perhaps the banking sites might even care to host such a list.

    --
    Blarney Quality Restaurant, Plants
  13. Re:Spamming back the scammers? by Anonymous Coward · · Score: 2, Insightful

    Better yet set up a premium rate fax number and ask them to fax you the details. You scam the scammers for hard cash, with no nasty side effects. For good measure you could always set the baud rate on your machine nice and low so it takes longer to send the fax and costs them even more money.

    The advantage of just emailing them back of course is that if enough people did it then the scam would stop. Imagine having to sort through 50,000 emails to find the real suckers, rather than a dozen or so. Identifying the real suckers would be like trying to find a needle in the haystack, so they would not be identified and not scammed. At which point the scam no longer works. The downside is that someone could deliberately Joe Job an innocent bystander.

  14. Where are all the Script Kiddies? by silence535 · · Score: 2, Insightful

    Why are they not using their botnets to DDOS the phishing sites and spammers?

    I mean, then MS security vulnerabilities would suddenly make sense.

    -silence

    --
    Dyslectics of the world, untie!
  15. Pointless again... by Da+Web+Guru · · Score: 3, Insightful

    Of course, this will have no real impact on taking down phishing sites. The people that set up most phishing sites follow these simple steps:

    1) Find a vulnerable server and root it, or get just enough access (through something like a phpBB exploit) to upload a phishing site to the right directory. They will end up with a URL that probably looks like "http://aaa.bbb.ccc.ddd/online/wamu.html". Phishing sites don't bother with mundane details like DNS or domains (waste of time and energy) because the URL will be conviently hidden with javascript by your favorite HTML email client anyway.

    2) Repeat the above step as often as you like to have a "cluster" of phishing sites.

    3) Send out tons of spam advertising the phishing sites, randomly picking one of the above URLs to use for the login page.

    4) By the time the phishing sites are detected, reported, and disabled (could be as long as a week or two or four), hundreds of people could have attempted to log into each of the fake login sites.

    5) In most cases, the owner of the server being used for the phishing site is completely oblivious of the phishing site. (The rest of their web sites are working fine, so why should they be aware of any problems?) DDoS'ing them will only attack a confused victim.

    --

    --guru