Feeds

Cybercrooks launch DDoS assault on anti-fraud site

Backhanded compliment

Protecting against web application threats using SSL

Updated Unidentified miscreants have launched a denial of service attack on a UK-based anti-fraud website.

Bobbear.co.uk, which fights money laundering by warning about groups attempting to recruit mules, was left unreachable on Monday after coming under a distributed denial of service attack. Net security firm Sophos reports that the site was taken out by an assault from a botnet of compromised PCs that began late on Sunday. The timing of the assault coincides with the launch of Get Safe Online week in the UK.

It's pretty clear that Russian criminals are behind the attack and it is still continuing, site admin Bob Harrison told El Reg. "Undoubtedly it is simply a response to the work I do in highlighting the mainly Russian money laundering and reshipping frauds that are currently plaguing the internet and wrecking the lives of innumerable victims."

Harrison has reported the attack to the Met's computer crime unit and to Russian domains linked to the assault, more details of which can be found here.

It's not the first time the site has come under fire from cybercrooks. In October 2007 a spam campaign sought to discredit Bobbear by bombarding all and sundry with supposed begging requests. In reality the "Joe Job" junk mail messages, asking for donations through online payment service e-Gold, were nothing to do with site administrator Bob Harrison or Bobbear.co.uk.

UK hosts Fasthosts unwittingly aided fraudsters by temporarily suspending the Bobbear.co.uk domain in response to complaints about the fraudulent emails. This time around Fasthosts have gone out of their way to help Bobbear, Harrison reports.

"Fashosts probably couldn't have done more in the circumstances. If I tell you that the Fasthosts server logs of these events amount to over 20Gb of data, you'll probably see the scale of the attack. They could have pulled the plug, but they have persevered in trying to minimise the attack," Harrison explained. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
Microsoft to patch ASP.NET mess even if you don't
We know what's good for you, because we made the mess says Redmond
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.