A promising anti-spam service by Israeli company Blue Security has been brought to its knees by a renegade spammer hell-bent on protecting his spamming industry.
Created by Eran Reshef, Blue Security came up with what looked like a cunningly simple plan to mash up the mass mailers: fight spam with spam.
The company set up a ‘Do Not Intrude Registry’ (similar to the Do Not Call Registry for telemarketing) and invited members to download a small application called Blue Frog, which automatically sent out requests to spammers to stop sending junk e-mail.
Of course, spammers aren’t renowned for paying attention to opt-out requests, so Blue Frog came with a rather nasty bite to make sure they paid attention: the software bombarded spammers with requests from all 522,000 of its customers at the same time.
It seemed to work too – Blue Security claimed that “six out of the top ten spammers” had complied with their opt-out requests and after signing up to the free service, we found our spam dropping dramatically. But not for long.
Spammers fight back
Not surprisingly, spammers don’t like it up ’em and soon started fighting back with a counter attack, launching a campaign of extortion e-mail messages threatening to flood users with nonsensical spam and viruses unless they removed their name from the Do Not Intrude registry.
This was followed by a sophisticated denial of service attack using tens of thousands of hijacked computers which managed to knock Blue Security’s Website off the Web.
According to Reshef, a shady Russian-speaking spammer known as PharmaMaster then managed to bribe a staff member at a top-tier ISP into ‘black holing’ Blue Security’s former IP address (18.104.22.168) at Internet backbone routers – effectively rendering Blue’s main Website invisible to anyone outside of Israel.
Rather sinisterly, PharmaMaster told Blue Security in an ICQ conversation that if he can’t send spam, there will be “no Internet.”
With Blue Security reduced to communicating through their secondary TypePad-hosted Weblog at bluesecurity.blogs.com, the spammer moved in for the kill, launching a ferocious denial of service attack that closed down the TypePad and Live Journal servers owned by Six Apart.
This resulted in thousands of blogs disappearing off the Web for a few hours, with the net operations of five top-tier hosting providers in the US and Canada also being disrupted.
The attack also shut down operations for around 12 hours at Tucows Inc., a Canadian Internet services company that helped manage Blue Security’s site.
Faced with this endless aggro, Reshef has pulled the plug on his anti-spam operations, commenting, “It’s clear to us that [quitting] would be the only thing to prevent a full-scale cyber-war that we just don’t have the authority to start.”
“Our users never signed up for this kind of thing,” he wearily added, admitting that in retrospect he’d made the mistake of not anticipating that PharmaMaster would go “berserk.”
Commenting on the DoS attack on his server, Tucows CEO Elliot Noss declared it to be “by far the largest the company had ever seen,” adding that very few companies currently have the infrastructure in place to withstand similar full-on assaults.
“This attack really was like trying to take out a mosquito with an atomic bomb,” Noss added.
According to Six Apart, the FBI is investigating the attacks, but we won’t be holding our breath on seeing anyone behind bars.
Told You So
Speaking to the Washington Post, Todd Underwood, chief of operations and security for Renesys Corp, tried hard to stop himself from saying, “I told you so”:
“When the company’s founders first approached the broader anti-spam community and asked them what they thought of the idea, everyone said this was a terrible idea and that they would eventually cause a lot of collateral damage,” Underwood commented.
“But it’s also extremely unfortunate, because it shows how much the spammers are winning this battle,” he added.
Where this leaves the venture capitalists who invested more than $4 million in Blue Security in 2004 is anyone’s guess, but we’re saddened to see the outcome.
The fate of Blue Security’s initiative proves that steeenkin’ spammers still rule the Internet and until governments take a unified and global approach to prosecuting junk mailers, they’re free to do whatever they like.