Spam Sites Crippled by Lycos Screensaver DDoS

A distributed denial of service (DDoS) attack launched by users of Lycos Europe's MakeLoveNotSpam.com screensaver has succeeded in crippling several spammer sites, but some of the targeted sites remain available.

While Internet users debate the ethics of the initiative, Lycos Europe is denying reports that the MakeLoveNotSpam site was hacked and defaced last night. An intrusion by hackers would be a serious concern for an operation that controls an army of computers with DDoS capabilities. The site has been unreachable today, which could be related to traffic from Slashdot rather than a counterattack.

Lycos Europe is offering a "screensaver that spams the spammers," using idle computer time to attack sites that have been blacklisted for abusive spamming practices. Monitoring of three of the targets housed on Chinese servers shows that two of the sites, bokwhdok.com and printmediaprofits.biz, have been knocked offline by the attack. A third target, rxmedherbals.info, has remained largely available, with intermittent outages.

Performance of sites targeted by Lycos screensaver attack

Continue reading

Republicans Blocking International Access to Official Sites

The Republican Party appears to again be blocking Internet users from outside the United States from visiting its official web sites, with www.gop.com, www.rnc.org and www.GeorgeWBush.com all dropping traffic that originates outside North America. The timing and implementation of the blocking - which is now being provided through the political party's own web host rather than Akamai - suggests an ongoing interest in traffic filtering unrelated to the recent election.

The sites are all hosted by the Republican National Committee, the official site of America's governing party, which currently controls the Senate and House of Representatives as well as the White House. The blocking expands a practice implemented on the GeorgeWBush.com domain during the final week of the U.S. presidential campaign, when the Bush campaign site used Akamai's content management service to manage incoming traffic, citing security concerns.

On Nov. 24, the GeorgeWBush.com site stopped using Akamai and began having its domain name server (DNS) requests handled by the RNC's server, and redirecting traffic to the RNC's main site, gop.com. The RNC now appears to possess the capability to implement geographic blocking similar to the services Akamai provided for GeorgeWBush.com. Since Nov. 26, the rnc.org, gop.com and GeorgeWBush.com domains all show an identical pattern of failed requests from stations in London, Amsterdam and Sydney, while Netcraft's four U.S. monitoring stations show no performance problems.

GeorgeWBush.com Site Performance from Amsterdam GeorgeWBush.com Site Performance from New York

A dynamically updating chart of site performance for GeorgeWBush.com is available here.

Continue reading

Phishing Activity Surges Ahead of Holiday E-commerce Season

Phishing activity has surged in recent weeks, according to new data from the Anti-Phishing Working Group (APWG), which found increases in both phishing attacks and the sites hosting them. The group documented 6,597 new, unique phishing email messages in October, more than three times the 2,158 seen in August.

The APWG also cited 1,142 different web sites used in the October attacks, twice September's total of 584. That sharp rise in attacking sites suggests that phishing operations may be automating the deployment of attacks via hacked web servers.

Continue reading

SCO Web Sites Experience Outages

The main web site of The SCO Group has been offline for an extended period today, with several related domains affected as well. The main site at www.sco.com has just returned to service, with the alternate domain www.thescogroup.com having come back online earlier. TheSCOGroup.com was established as an alternate URL during the MyDoom-related denial of service attack on SCO in February, which kept www.sco.com offline for more than a month.

Site performance for www.sco.com

A dynamically upgrading graph of SCO-related sites is available here.

Continue reading

Firefox Launch Slows Mozilla Site

The large volume of users seeking to download version 1.0 of the Firefox web browser has caused intermittent performance problems today for the Mozilla Foundation.

Mozilla.org web site performance The Mozilla.org site has had some availability problems, but by 8 p.m. GMT the site was able to easily serve downloads of the 4.7 megabyte Firefox installation file for broadband users. A dynamically updating chart of the site's performance is available here.

Within hours of the browser's official release, the Mozilla site was slowing and Firefox enthusiasts were making use of the Google cache of download mirror sites. The list was also posted to Slashdot to help ease the traffic burden on the Mozilla.org site, which is hosted by Meer.net Continue reading

GeorgeWBush.com Reopens to Rest of World

The GeorgeWBush.com web site is again accessible to web users outside the United States and Canada, with access having been restored on Saturday. The official campaign site for Bush's election campaign began restricting access on Oct. 25, citing unspecified security concerns. Bush defeated John Kerry in the U.S. vote Nov. 2, but the site restrictions continued for another five days beyond the election.

Georgewbush.com web site performance

A dynamically updating chart of site performance for GeorgeWBush.com is available here.

Continue reading