Slashdot Mirror
What Happened to Blue Security
shadowknot writes "Blue Security has published a detailed account of the attack on their servers perpetrated by spammer "PharmaMaster". The attack included a DDoS attack on the Blue Security operational system and a Black Hole filtering attack on the Blue Security website. From the article: "The first attack was to block worldwide access to Blue Security's corporate website (www.bluesecurity.com) by tampering with the Internet backbone using a technique called "Blackhole Filtering". The Second attack was a DDoS attack on Blue Security's operational system."
Apparently spammers are lining up to help out Pharmamaster from the SpecialHam forums. Digg.com users yesterday attempted lauching multiple types of bandwidth vampirism and DDOS attacks on SpecialHam yesterday as well. http://digg.com/technology/SPAMmers_really_pissed_ off_at_bluesecurity,_read_their_message_board
What happened was that the spammer complied with instructions from Blue Security to download a program that washed Blue Security protected email addresses from the spammers' sucker list. When theis program was run on the spammer's email list Blue Security email addresses were purged. The spammer simply compared the purged list against his unpurged list and listed all the email addresses that were removed. He then sent the threatening emails to any email address that was purged from the original list.
Blue Security is up and running again. Not only will I continue to use the Blue Frog, I will also promote it now. I do not like bullies, and will do whatever I can to stop them. Blue Security and others that help people punch back against spammers should be commended. I myself have written a signed applet that also punishes spammers.
One can look at it by visiting http://www.plaza1.net/SpammerSlapper .
The applet is GPL, and the source code is embedded in the applet. If you do not want to actually punish spammers, do not accept the certificate. I am also thinking about creating a java application that works in a similar way to Blue Frog - only the complaint instructions will be distributed via a peer to peer protocol and cryptographically signed. Any ideas on this one?
this is a really cool story about how a company handled a DDoS attack by organized crime.
xkcd.com - a webcomic of mathematics, love, and language.
...and imagine the PR campaign that Blue Security is going to have to wage to get any credibility back.
Um, how about "no such thing as bad publicity"?
In my journal i commented that the attack on Six Apart was the web equivalent of Pearl Harbor. It not only (possibly) called the attention of the authorities towards PharmaMaster, it also became worldwide famous: I've been searching blogs for "blue security" and I've seen a lot of comments from people wanting to sign up when they're back online. One blogger in particular (forgot the url) said that "Blue Security" became the top technorati search during the attacks.
What part of their methods do you not agree with? All they are doing is automating what you could do on your own. For each spam message you send them, they analyze it and set up a script to make ONE opt-out request on the spammer's website (where they are selling their product) and ONE message each to some and/or all of the upchain ISPs, government agencies that have jurisdiction over the crime, etc. They then forward that script to your BlueFrog client running on your system. If you are the only person that got that spam message, that one message is all that is sent to the spammer and the appropriate authorities.
Now if the spammer sends that message to 1000 BlueSecurity members, they will get 1000 messages generated and sent, one from each of the users they spammed. If they send it to 5000 users, well you get the idea. The more Blue people they spam, the more opt-out requests they get. One for one.
You have a right to do it by yourself, tracking filling out forms on the spammer's ordering site, forwarding a copy to the ISP of the originating IP and/or mail server, forwarding it to the FDA if it is a drug relates spam, etc. How long will that take you? You could easily spend a few hours a day or more doing that.
Enter BlueSecurity stage right. They hire staff to track down the senders of that spam message you just received, just like you would have done. The difference is they take that information and distribute it to everybody else they know received that spam as well.
The thing is, these spammers should understand they have absolutely 0% of a chance of selling that item to any of the members of the Blue community. Why are they bothering to do this when it has no chance whatsoever of giving them even a single cent of profit? They should be happy to have the chance to clean their leads list. I've done telephone sales in the past (calling existing members about renewals) and I was happy to remove people who didn't want to be called from the list. For every person I removed from the list, it meant one less guaranteed no-sale next time the membership list cycled. In the long run I made more sales, and actually helped more people save money (it was cheaper to renew via phone than via the normal process) on a product they wanted.
I understand the calling I was doing is completely different than the spamming in this topic, but the end result is the same. The more guaranteed "no" leads you remove, the higher you sales percentage will be, and the more profits in the long run.
I had heard about Blue before this mess, but never got around to checking into their methods and signing up. Now that I see they are effective, and feel comfortable on how their network and client works (I also thought they DDoS'd the sites until I looked into it,) I have signed up. Now I'm waiting for their system to become fully functionable again so I can verify my account and start kicking spammer tail!
Jeremy