Spam Sites Crippled by Lycos Screensaver DDoS

A distributed denial of service (DDoS) attack launched by users of Lycos Europe's MakeLoveNotSpam.com screensaver has succeeded in crippling several spammer sites, but some of the targeted sites remain available.

While Internet users debate the ethics of the initiative, Lycos Europe is denying reports that the MakeLoveNotSpam site was hacked and defaced last night. An intrusion by hackers would be a serious concern for an operation that controls an army of computers with DDoS capabilities. The site has been unreachable today, which could be related to traffic from Slashdot rather than a counterattack.

Lycos Europe is offering a "screensaver that spams the spammers," using idle computer time to attack sites that have been blacklisted for abusive spamming practices. Monitoring of three of the targets housed on Chinese servers shows that two of the sites, bokwhdok.com and printmediaprofits.biz, have been knocked offline by the attack. A third target, rxmedherbals.info, has remained largely available, with intermittent outages.

Performance of sites targeted by Lycos screensaver attack

News reports have described Lycos Europe's effort as "the first time the principle of distributed computing, which harnesses the power of computers while they are idle, has been employed against antisocial behaviour online." The ethics and wisdom of vigilante DDoS attacks was widely debated earlier this year when Internet security firm Symbiot introduced a product that can launch "counterstrikes" against DDoS perpetrators.

Lycos Europe's approach has been cheered by some Internet users fed up with spammers' abuse of their mailbox and connectivity. The UK-based firm appears to be relying on the likelihood that the renegade sites being targeted are unlikely to use legitimate channels (such as ISP abuse departments) to report attackers. No Internet service providers have yet indicated that they will take action against subscribers participating in the attacks.

Lycos Europe says it expects to become the target of DDoS attacks from spammers, who often control botnets of compromised computers that can be used in DDoS attacks as well as spam delivery.

Lycos Europe said the reports of a site defacement were a hoax by spammers. Sites that download software are attractive targets for hackers, offering the ability to distribute malicious code that can be used to seize control of computers for use in botnets. Hackers were recently able to compromise the download server for the PostNuke content management system, redirecting users to malicious code for more a day. Open source projects Gentoo Linux, Debian Linux and CVS have also been compromised, but in each case the intruders were unable to access areas of the server housing download packages.

But Lycos Europe's initiative already appears to have the attention of spammers and hackers, who have demonstrated their resourcefulness and interest in distributed computing with the MyDoom DDoS attacks and last week's deployment of malware through banner ad networks.