Spam War Takes Out Blog Services

munchola writes "Following on from the story about spammers attacking Blue Security's anti-spam system, CBR is reporting that Six Apart, which runs the popular LiveJournal and TypePad blogging services, has become a collateral victim. Six Apart told its millions of bloggers it had experienced 'intermittent and limited availability for TypePad, LiveJournal, TypeKey, sixapart.com, movabletype.org and movabletype.com', before resolving the issue in the early hours of Wednesday. '[The spammers are] trying to rip apart the internet just to make our community stop fighting back against spam,' Blue Security's chief executive Eran Reshef said, adding that he knows who's behind the attack."

Blame fest

[LiquidCoooled]

fta:
The spammer also launched a conventional bandwidth-consumption DDoS attack against bluesecurity.com. It was around this time that the company opened its new blog, which meant TypePad got whacked.

This blue security article has been running for a few days now and the site hasn't been responding any time I've tried recently.

Isn't it just another DDOS blame fest when in reality its just the news spreading around the world and all the collective users of all the collective news sites are clicking the links to try to read the story?

A total slashdotting/digging/farking and general newsing all at once.

It was the same when word spread about google going down.
"OMG have you heard, google is dead?"
*CLICK* "Yer, its not working here either" *CLICK* *CLICK* *CLICK*
*CLICK* "Hey, its loaded here." *CLICK* "Oh crap, its broken again now.."

We are all guilty of assisting this DDOS attack. shame on us.

It will ease up once something else comes and takes our attention away from it.

Kill the spammers

[pete6677]

I don't think spam will stop, or even slow down, until a spammer is seriously hurt or killed. Right now, they know there is no consequence to their actions. I'm not saying I personally advocate killing spammers, but it certainly wouldn't make me feel bad to hear about it being done. Spamming would be a lot riskier if there were an element of harm attached for the spammer.

Two birds with one stone?

[3.5+stripes]

Taking out spammers and bloggers?

I can't see any down side to this, honestly.

Re:Fighting abuse with abuse is bad

[jtdennis]

isn't that counter to what you have in your signature?

Everyone keep's knocking blue...

[ZSpade]

But have they got any better suggestions. The federal government is a *Joke* about bringing any kind of justice down on this filth, and so the masses remained *outraged* and *victimized*. To me a (A computer tech) I see people's computers every day that have been turned into Zombies. Some so bad that they have to be reformated. They are bringing in their computers to me, and paying hard cash for me to fix it and prevent it from happening again. That's real money, real damages everyone is having to pay every day. I guess you could spin it in a positive light and say it's good for the tech industry, but not if people start becoming afraid to even get on the internet because of what might happen to their computer. This is theft, this is vandilism and the governements of the world are practically standing by and watching it happen.

So, do you have any better suggestions, if not then I kindly ask you to ommit your views until you can add something to the cause.

Opting out is *NOT* abuse!

[Spy+der+Mann]

All blue frog does is requesting to be opted out. One form send per spam received. No more, no less.

4 of the 10 major spammers had already excluded the blue security list from their mass mailings, and their problem was solved. But this particular spammer, instead of complying, shut down Blue Security.

Just because Blue Frog causes A SIDE EFFECT of disminishing the bandwidth of the spammer's website, is not Blue Security's fault. (It is our LEGAL RIGHT to request for opt-out, and to keep requesting it UNTIL IT IS FULFILLED).

To say opting out is abuse, is nothing but legitimizing illegal (non CAN-SPAM complying) spam.

Re:Shifting attack

[MrDoh1]

They don't supply spammers with the addresses of their members. What they do is offer a tool that cleans our email addresses (which are contained in an encrypted database) out of their spam address databases. So all that was done is the spammer in question compared a pre-cleaned version with a post-cleaned version and any addresses that no longer appeared were obviously members of BlueSecurity.

Also, the spam reports that are sent out are sent from a proxy type email address. My normal address wouldn't show up, but username@reports.bluesecurity.com is where it would come from.

Personally, I see nothing wrong with sending 1 unsubscribe request per piece of spam I get. BlueSecurity has just automated this method so I don't have to take the time, and they also handle escalation to the proper authorities if the situation isn't resolved.

If the spammer perceives getting 1 unsubscribe request per spam he sends a DDOS attack then I would think the best course of action would be not to send to those people. Heck, we are the ones who wouldn't buy anything from them anyway.

Also, based on what I have read in the blog itself (when it was still accessible) it was a user in the comments that suggested redirecting the site and error pages to the blog so users would at least have some clue what was going on. It's likely they took the advice without contemplating the potential outcome.

Re:Is Blue Security going public with who's behind

[DaHat]

Agreed! I've got my pitchfork and torch right here... I dunno about you but I'm up for some mob rule and a lynching to take care of this mess.