The CEO of an antispam firm whose service was knocked offline by a spammer earlier this week claimed his company was the victim
of a sophisticated attack carried out, in part, with the help of someone at a top-tier ISP.
Eran Reshef, CEO of Blue Security, an Israeli antispam firm, said that his company was attacked by a major spammer named PharmaMaster
who used a combination of methods to knock out the company's Web site and the servers hosting its services. He also hit back
at criticism that the response by Blue Security to the attacks caused widespread problems to others.
Blue Security, which has its U.S. headquarters in Menlo Park, Calif., operates an antispam service designed to deter junk-mailers
by spamming them back. Blue Security's Do Not Intrude program allows individuals to register their e-mail addresses with the
company and essentially flood spammers who send them e-mail with automated opt-out requests.
The attacks that crippled Blue Security were preceded by PharmaMaster sending out threatening e-mails to subscribers of the
Do Not Intrude Registry, warning them of even more spam if they did not withdraw their subscriptions.
PharmaMaster then appears to have gotten someone at a major ISP to block Blue Security's IP address on the Internet's backbone
routers, most probably via a process called black-holing, Reshef claimed. With black-holing, an ISP essentially removes the
advertised path to a particular Web site or IP address -- making it completely inaccessible to the outside world. According
to Reshef, PharmaMaster informed Blue Security that he had gotten an ISP to agree to blackhole the company before the attacks
started.
"Immediately, we started seeing our IP address getting blacklisted by other ISPs," Reshef said. As a result, traffic to the
company's main Web site dropped from the usual 100 hits per minute to about two per minute in less than an hour -- and nothing
at all from outside of Israel. At almost the same time, massive distributed denial-of-service (DDoS) attacks were launched
against the dedicated servers that provide Blue Security's antispam service. The servers, located at five separate hosting
provider sites, were bombarded with up to 2GB of traffic per second, rendering them inaccessible.
In what Reshef said was a bid to tell subscribers what was happening, Blue Security pointed the company's corporate Web server
URL to its blog, which is hosted by Six Apart Ltd. in San Francisco. PharmaMaster then launched a DDoS attack against the
server hosting Blue Security's blog. That resulted in thousands of other blogs hosted by Six Apart being knocked offline.
Story copyright © 2006 Computerworld, Inc. All rights reserved.