Password Gropers Hit Peak Stupid, Take the Spamtrap Bait

badger.foo (447981) writes Peter Hansteen reports that a new distributed and slow-moving password guessing effort is underway, much like the earlier reports, but this time with a twist: The users they are trying to access do not exist. Instead, they're taken from the bsdly.net spamtrap address list, where all listed email addresses are guaranteed to be invalid in their listed domains. There is a tiny chance that this is an elaborate prank or joke, but it's more likely that via excessive automation, the password gropers have finally hit Peak Stupid.

Re:This guy might be overvaluing his files

[arth1]

Right, it is irrelevant for the spammer. He's not using his own resources. Whether he sends e-mail to a million real and a million fake addresses, or to a million real and two million fake ones does not matter.

What's "peak stupid" here is the submitter not understanding how spamming works before posting on it.

Weird log file activity...

[QuietLagoon]

I've been seeing weird log file activity for the web server that runs some of my sites.

.
A lot of requests for odd URLs, all of which return 404. All of the requests that I checked originated at an IP address in Russia, and dozens of different IP addresses were used. These odd requests started about 5 or 6 months ago and have been ramping up lately. Makes me wonder just what they originators are looking for?

Re:Don't be silly

[Noah+Haders]

search the web for "nunn memo", or even better the wapo, nytimes and politico writeups about it. Just leaked in the past week, it's a 144 page "strategy memo" on how Nunn should win her congressional race and then be a "legislator". It's a real downer.

sorry for [citation needed], but I'm at work and shoudn't be seen on the intertubes (tapping this post into my phone while on the crapper).