Anti-spam sites weather DDoS assault
Storm Trojan fingered in tempest
Prominent anti-spam services came under a sustained denial of service attack late last week. The assault targeted Spamhaus, Spam URI Realtime Blocklists (SURBL), and Realtime URI Blacklist (URIBL).
The URIBL (which, like SURBL - filters junk mail based on spam sites mentioned in their message bodies) website was rendered temporarily available by the assault between Wednesday and Friday. It used DDoS mitigation technology from Prolexic to restore services.
Both Spamhaus and SURBL managed to keep their sites up and running during the onslaught. The Rules Emporium, which hosts additional rules for SpamAssassin, was unavailable on Friday, but it's unclear whether this was a direct result of the assault on fellow spam-busting sites.
Last week's attacks were likely launched from a network of compromised (zombie) PCs and were of the same type as those that knocked out spam-busting outfit Blue Security last year, according to the Internet Storm Centre (ISC).
"The attacks seem to be similar to those carried out against BlueSecurity last year, with the Storm malware. Storm is a botnet that can do basically anything..." security watchers at the ISC note.
On the plus side, the fact that spammers have taken to launching denial of service attacks might be a sign of desperation, it adds. ®
"rendered temporarily available"
how does that work?
I'll get my coat....
Rule #3 demonstrated again
Spammers are always desperate; that's because they are essentially stupid.
Dave Lindhardt, the spammer of e360insight in Illinois, has again demonstrated his desperation by launching a frivolous lawsuit against a number of anti-spammers for "defamation" - they allegedly called him a spammer, and he claims that hurt his "business."
Of course, the entire purpose of the lawsuit is to prove a falsehood - that Spamhaus does business in Illinois. Most of the people he's suing have more connection with the Manahattan Project than they do with Spamhaus.
Second paragraph: "...was rendered temporarily available...".
Now THAT's an attack only the very well prepared can sustain. Heck, if all our systems suddenly worked we'd have to stop "working on a solution" (a.k.a. drinking loads of coffee and surfing The Register). I no time, some suit would suggest that we could spend our working hours actually DOING something. Terrible thought... ;-P