Slashdot Mirror

← Back to Stories (view on slashdot.org)

Security Researcher and Alleged Spam Operator To Square Off In Court In Ugly Lawsuit (bleepingcomputer.com)

Posted by BeauHD on from the sit-back-and-enjoy-the-show dept.

An anonymous reader writes: River City Media, the company accused of running a huge spam operation, has filed a lawsuit against the security researcher and the journalist who exposed their activities. In a ludicrous lawsuit complaint, the company claims the security researcher didn't just stumble upon its unprotected Rsync server, but "perpetrated a coordinated, months-long cyberattack," during which it skirted firewall rules to access its server, used a VPN to disguise his identity, deleted critical files, and published his findings to make a name for himself as an elite security researcher. The company claims the researcher accessed Dropbox and HipChat logs, and even its PayPal account, from where it used funds to purchase various domains. The only evidence the company has is that the person who purchased the domains used a ProtonMail email, just like the researcher, who also uses a ProtonMail email. Remind you, this is the same security researcher, Chris Vickery, who discovered a Reuters database of supposed terrorism suspects, national voter databases for various U.S. states and Mexico, and various other companies.

10 of 56 comments (clear)

  1. Streisand effect by TimSSG · · Score: 2

    https://en.wikipedia.org/wiki/... Tim S.

  2. I can see it now by Brockmire · · Score: 2

    Defender's lawyers send over 1 billion boxes of documents after prosecution requested related materials.

    1. Re: I can see it now by saloomy · · Score: 5, Interesting

      This happened to a client, they received a truckload of documents. We paid an outsourcing company a couple grand to scan them into an OCR program and used text search to find the proverbial nails for their coffin. With the newest bad-ass document solutions from big printer manufacturers. This isn't really that much of an issue anymore. Just drop a thousand sheets into the loader and press the button. A few days with a few temps, and you have your digital versions.

  3. Firewall rules... by freeze128 · · Score: 2

    Well, some firewall rules cannot be skirted. For instance, DENY ALL TRAFFIC TO PORT 22.

    1. Re:Firewall rules... by Opportunist · · Score: 2

      Confidentiality can be perfected by eliminating availability. That's by no means any news.

      And guess what, if you unplug the computer from power and hide the power cord, it cannot even be abused locally!

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  4. Goose and Gander by Archfeld · · Score: 2

    We'd be up in arms if it was the FBI breaking into the systems to gather evidence of illegal activity with out a writ or warrant. Without the backing of the law the 'hacker' is and should be guilty of digital crimes, but that doesn't abrogate the guilt of the spammer, who should be relegated to a special hell for spammers and phishers. Private entities can get away with things law enforcement can't.

    --
    errr....umm...*whooosh* *whoosh* Is this thing on ?
    1. Re:Goose and Gander by Opportunist · · Score: 4, Insightful

      Vigilantism arises whenever law enforcement drops the ball. People are generally lazy and wouldn't go out of their way to do that "job" if it was already done.

      Of course police doesn't really approve of it. Do you like to be shown that you suck at your job?

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. If there is truly no evidence... by StevenMaurer · · Score: 4, Interesting

    Then Chris Vickery not only will be able to defend himself, but may be able to countersue under New Jersey's anti-SLAPP laws (SLAPP = Strategic Lawsuits Against Public Participation - exactly what this suit seems to be). The penalties can be quite substantial, $280K in a recent case. Not only that, but there is another New Jersey law that allows a judge to dismiss a case with prejudice within 45 days of the SLAPP filing. This is all cogent, because RCM is a New Jersey corporation.

    Furthermore, there is a shareholder group engaged in a proxy battle right now, saying that they see this as a desperate attempt to distract shareholders from corporate mismanagement. So this may not even get filed, depending on how the existing shareholders see this action>

    1. Re:If there is truly no evidence... by Picodon · · Score: 5, Informative

      This is all cogent, because RCM is a New Jersey corporation.

      You are probably thinking of another company, RCM Technologies, located in Pennsauken (New Jersey). There are other unrelated companies with similar names, including a River City Media located in Portland (Oregon).

      The spam operation operated by Matt Ferris and Alvin Slocombe seems run from Washington state, along with other companies that they have registered there under names like “Acetech USA”, “Cyber World Internet Services” and others, according to SpamHaus.

  6. Re:Vigilante Security is Harmful by Opportunist · · Score: 2

    Then they should probably stop beating up protesters and start protecting people instead of assets and investments.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.