Spammer 1 - Blue Security 0

frogSad news today in the seedy underbelly of the advertising business - I know you don't like it folks but you have to admit that spam is the ugly acnescarred bucktoothed cowlegged smelly ADD suffering stepchild of advertising who spits on the table and brings shame on the family.

Say "advertising" and people think "spam!"

It's like when you mention Hilton these days, nobody thinks of a posh hotel chain, but of night-vision and skank-daughter Paris performing robotic fellatio - I keep wondering when the Hilton hotel chain has to get a new name and an image elevating ad campaign. Call me.

Blue Security had a new idea to fight spam, all their customers would send opt-out emails (automagically) simultaneously to spammers for every spam received. Not only would the spammers on US Soil have to comply according to the can-spam act, but also getting half a million opt-outs for every spam you sent would be quite the headache. If you sent it from your own servers and addresses that is. Well, last week spammers attacked Blue Frog security and DDoS:ed them off the web. After all that downtime and no end in sight, Blue Frog waves the white flag and have announced that they are quitting the spam fighting game. On their way down, they dragged Six Apart blogs with them. Oops. (more inside)

So how on earth did Blue Frog pull down Six Apart? Seems that when the DDoS ravaged their servers, someone at Blue Security made the unwise decision to redirect traffic to a unused Six Apart blog, hosts of TypePad and LiveJournal, in a misguided attempt to get the word out. Maybe they thought that the news of Blue Frogs demise would get great publicity if bloggers felt the wrath of spammers too. In any case, millions of blogs went offline as Six Aparts servers caved under the DDoS.


Over at Wired News a Russian spammer takes credit for the DDoS that took Blue Frog off the web.

In the message to Wired News, the self-described Russian spammer said "attacks" sent by computers running Blue Frog, the tool installed on users' computers to send automated opt-out requests, are easy to handle, but time consuming.


"The point of it is to get Blue Frog software to stop turning its subscribers' computers into zombies that attack our servers," the spammer wrote. "If you want to be removed from our mailing list, please opt out first."
Oh hahaha, that last part makes me laugh. A) Wasn't that exactly what they were doing? B) Since when are opt-outs anything but messages to spammers that lets them know "valid email please spam me more"?. I mean c'mon those things haven't been honored for ten years!

Information week sums up the story: Blue Security Gives Up, Spammer Wins , and the Google news thread here will keep digging for fresh news on the subject. ALso, BBC news.

Sadly with this story, spammers seem less and less like the nuisance kid and more like the full grown tobacco chewing cocaine snorting meth using gun weilding mobster supreme who will kick the shit out of puppies just because they don't like their color. Every time some idiot out there clicks on a link or buys some Viagra, Cialis or hell, stock from a spammed suggestion, they give spammers the carrot to continue. No matter how much we hate this shite, fact is, some idiots buy it - and this is why spam still happens. I suggest a new strategy - lets find those fools who actually buys stuff via spam and take away their internet! Track them down! Hang everyone who ever took a blue pill in the town pillory and point and laugh at them. Demand that Pfizer clean up the internet buy buying all drugs from anything but!

Adland® is supported by your donations alone. You can help us out by buying us a Ko-Fi coffee.
Anonymous Adgrunt's picture
comment_node_story
Files must be less than 5 MB.
Allowed file types: jpg jpeg gif png wav avi mpeg mpg mov rm flv wmv 3gp mp4 m4v.
Dabitch's picture

Oh god. Check this quote attributed to Pharmamaster (the Russian spammer) in The Register:

"We didn't think PharmaMaster would go to extreme of launching a denial of service attack against so many organisations. With 20-20 hindsight we wouldn't have made these configuration changes, but at the time we didn't think he'd go so far," Blue Security CEO Eran Reshef told El Reg at the time. "My mistake was not anticipating he'd go berserk."

Blue reckons PharmaMaster hired a botnet to launch the assault. During an ICQ conversation, PharmaMaster told Blue Security that if he can't send spam, there will be no internet.

Nice. Real nice.

Dabitch's picture

I know.. I'm talking to myself again. ;) Here's some more.

In the metafilter post Bye Bye Blue Frog I found some linked email threats sent from the spammer to Blue Frog customers, example 1, example 2.

Also, Blue Frogs method was clarified, seems whenever spam went out the Blue Frog users would send 1 email to the company/website advertised in the spam - this brought some of teh advertised sites down. Now, if you can't server ten thousand customers, don't mail ten thousand people. Seems fair enough doesn't it? Also, this would alert some companies who might not even know it, that they bought "advertising services" off shady spammers.