iEntry 10th Anniversary RSS Archive

IT Management Begins With Security
SecurityProNews > News > Security News > Being A Squirrel Against Spammers
Search:
[ news_security_news ]

Being A Squirrel Against Spammers



John Stith
Staff Writer
2006-01-17

SecurityProNews: Insider Reports Insider Reports RSS Feed


It's always nice to see a spammer who gets his. Back at the end of December, Darren Brothers put together an interesting little project to cause problems for spammers. The program he put together got one spammer to surrender. His solution: fight fire with fire.

A hat tip goes to both Alex Eckelberry at the Sunbelt Blog and to Brian McWilliams' Spam Kings blog. Brother's method was "website feedback form poisoning" and it was affectionately called "Kick a Spammer in the Nuts Daily." While the title is endearing, the effects were …uh… vicious to the spammer.

The theory was this:

1) Each day, the list of currently active domains attributed to the currently targeted spammer or scammer would be posted.

2) Each TSB'er would pick one of those domains and visit the target website.

3) The feedback form would be filled in with bogus data and submitted.

Now, what this does is it poisons the database of leads... imagine if all 5000 TSB'ers did this just once a day to a spammer or scammer... there'd be no way for the spammer or scammer to ascertain that the leads are bogus because we'd be trying to make the data as believable as possible, Turing images wouldn't block us because the forms will be filled out manually (vs. via a script that can't read Turing images), the IP addresses would give no indication of bogus data due to there being so many different IP addresses connecting, and they'd have no Referer information with which to block bogus form submissions.

Once the spammer or scammer figures out that they cannot possibly verify all the bogus leads, they should abandon the domain... but there will always be more domains.

It was a brilliant idea. The first victim has fallen and there are no plans to stop the system of spammer neutering. The target of this onslaught was a Russian gentleman known as Alex Polyakov. Polyakov has thousands of domains registered, many believed to have been paid for with stolen credit cards. Brothers said Polyakov was responsible for about one fourth of all reported spam and is ranked as the largest spammer in the world.

They're spamming the hell out of everyone... at the spam reporting entities I'm checking, they accounted for from 23 to 28 percent of all spam reported.

They registered over 50 new domains just today, and are very near 2000 total domains... Polyakov is now the biggest spammer in the world, and apparently believes that he's invulnerable and will never get caught.

Let's show him how wrong he is... blow him away with tens of thousands of bogus leads, load up SpamVampire and drain the hell out of his site, and for those who are working with me, packet the hell out of him.

Brothers put together a program to keep the process going. He called the "Refi Retaliator." This program combines with others as well as groups of people continuously hammering the various sites, Polyakov eventually relented and surrendered.

Brothers posted this on the Nanae newsgroup earlier today:

Hey, spammers... the Refi Retaliator can easily be reconfigured for any site selling any service or product... and it's coming to a website you own in the near future if you keep spamming. It's in the public domain now, so anyone can use it. And there are millions of 'anyones' you've pissed off.

Brothers received a call from Polyakov offering lots of different options including money and to create an anti-list. Fortunately, Brothers turned him down. We must consider now what this means.

It means a concerted effort can be made to hammer spammers down. It means security software companies could make a concerted effort to attack the spammers to stop the inundation of spam. While Polyakov was big, it's not like he's in jail. The only way to stop these is to take the fight to them and make it expensive for them to operate.


Add to | DiggThis | Yahoo My Web





About the Author:
John is a staff writer for SecurityProNews covering cyber security.

More news_security_news Articles

SecurityProNews: Insider Reports Insider Reports RSS Feed

Get Your Site Submitted for Free in the World's Largest B2B Directory!

Email Address:
* URL:
*
*Indicates Mandatory Field

Terms & Conditions

iEntry Featured Services: Jayde Member Services | Forums | Freeware | Advertise with Us

Contact Us | Advertise | Newsletter Archive | Sitemap | Submit an Article | News Feeds
SecurityProNews is an iEntry, Inc.® publication - $line) { echo $line ; } ?> All Rights Reserved | Privacy Policy and Legal		 Join the WebProWorld Forums: Click Here
Virus Warnings

Subscribe to
SecurityProNews FREE!


[ more newsletters ]

Featured On:
article resources
Search Articles:
[advanced search]

WebProWorld.com
Get in-touch with industry experts and leaders
Post your site for review by expert and peers
Ask Security, IT, Development and Design questions

Free Membership: Join Now!

Visit WebProWorld.com

Titan Quest Forum
The #1 Titan Quest forum
Halo 3 Forum
The best Halo, Halo 2, Halo 3 forum
Nintendo Wii
Nintendo Wii news and views
Mac Software
The best in OS X freeware
Graphics Forum
Your source for graphic tutorials
SecurityProNews.com | Breaking eBusiness News Get Your IT Questions Answered - Click Here SecurityProNews News Feeds