Interesting story for some of us...

A plan to bump up the bandwidth bills of spammers seems to be getting out of control.
Earlier this week Lycos Europe released a screensaver that bombards spam websites with data to try to increase the cost of running such sites.

But analysis shows that, in some cases, spam websites are being completely overwhelmed by the traffic being directed their way.

The Lycos plan has also come under fire for encouraging vigilantism. - more (http://news.bbc.co.uk/1/hi/technology/4061375.stm)

It's a war out there ;)

Spammers are suspected of hacking into and downing Lycos's anti-spam website just hours after it went live. The website is currently inaccessible and could also be the victim of a DDoS attack. - more (http://www.silicon.com/0,39024729,39126216,00.htm)

I downloaded this, following a link provided in another thread.

I ran NoAdware shortly afterwards, to find 146 tracking cookies has appeared on my PC. And I had only used NoAdware a couple of days earlier!

Now I can find the folder where this program has been lodged so I can't uninstall it. So I have just gone back to my original screensaver in the hope that it won't activate itself on the quiet ....

Originally posted by MrHelicopter
I downloaded this, following a link provided in another thread.

I ran NoAdware shortly afterwards, to find 146 tracking cookies has appeared on my PC. And I had only used NoAdware a couple of days earlier!

Now I can find the folder where this program has been lodged so I can't uninstall it. So I have just gone back to my original screensaver in the hope that it won't activate itself on the quiet ....

I assume that the Screensaver goes to the sites that sell the spammed goods and downloads their page to use up their bandwidth....hence you'll also get the tracking cookies!

I wish Lycos luck - I've just had my blog spammed with ****loads of stuff about online gambling. I've tracked the ISP back and mailed their abuse section. I am well peeved this morning, as I've not closed off the comments option and as far as I'm concerned any spammers out there suffering loss of income - oh dear, how sad, never mind.

Joe

I wish them all the best too.

Theyve got a bit of stick b/c instead of just upping the bandwidth usage of the spammers and causing them financial hardship, the screensaver has worked so well that it as effectively been a DDoS attack.

In a way its vigilante-ism, but there doesnt appear to be any legal way to stop these sites churning out their crap. And in any case, its difficult even to know which countries Law would apply.

Im with Joe, these spammers deserve everything they get. What other recourse do people have?

i don't think the screensaver actually downloads the data, it just sends request after request.

and linked to that, 146 cookies in 4 or 5 days is probably just normal behaviour. Pretty much every website you use will be utilising cookies in some way. Try the scan again in another week and see if not using the screensaver has reduced the buildup rate.

Originally posted by Cyclone
i don't think the screensaver actually downloads the data, it just sends request after request.



Oooh.....

I thought I read somewhere that the screen saver actually displayed the site being 'requested'. Perhaps I got that wrong!

Anyway....I've calmed down now, although the pathetic e-mail I got back from the spammer's ISP has just made me question whether I should increase my blood pressure medication for the day...:)

you can download the screensaver here: http://download2.makelovenotspam.com/screensavers/MLNS_screensaver_en.exe

but it won't go at the moment because the makelovenotspam webservers are not accepting connections to give the screensaver instructions.


Lycos will weather the storm and the plan will continue I hope.

Don't think of it as a denial of service attack, it's just that those friendly people at lycos helping me visit all these websites I keep getting ads for. Surely these spam ads want to generate traffic don't they?

It's just they have an assumed click conversion rate that is so low, they do not give these servers the bandwidth they need to serve pages to all us eager consumers of porn, Pr0n, v14gra, p3n1le xtensions more pr0n and yet more *** ******* hotties *** **** ****** ** *** !!!



I was in two minds about this, but on reflection: if the ISPs won't act, the government won't act and the spammers won't stop - and when spam consumes as much as 50% of internet bandwidth - then the hoi polloi are going to have a go. So I am waiting for the Screensaver to go live again.

Viva la revolution!

Originally posted by Phanerothyme
you can download the screensaver here: http://download2.makelovenotspam.com/screensavers/MLNS_screensaver_en.exe

but it won't go at the moment because the makelovenotspam webservers are not accepting connections to give the screensaver instructions.


Lycos will weather the storm and the plan will continue I hope.

Don't think of it as a denial of service attack, it's just that those friendly people at lycos helping me visit all these websites I keep getting ads for. Surely these spam ads want to generate traffic don't they?

It's just they have an assumed click conversion rate that is so low, they do not give these servers the bandwidth they need to serve pages to all us eager consumers of porn, Pr0n, v14gra, p3n1le xtensions more pr0n and yet more *** ******* hotties *** **** ****** ** *** !!!



I was in two minds about this, but on reflection: if the ISPs won't act, the government won't act and the spammers won't stop - and when spam consumes as much as 50% of internet bandwidth - then the hoi polloi are going to have a go. So I am waiting for the Screensaver to go live again.

Viva la revolution!

in turn this now consumes bandwidth as well.... ddos attacks are illegal under some legislation aren't they, and damages includes the recovery of costs for the bandwidth of all networks that the traffic crosses.
Lycos could be setting themselves up for a huge legal bill....

It would be interesting to see what would happen if Lycos WAS sued - surely the companies that spam supports, who must have means of converting sales to cash and banking that cash - must also be open to charges of 'bandwidth abuse'.

The fact that Lycos are being hacked and the spammers are whining shows that it's getting through. Going after 'the money' - and let's face it, people pay spammers to do this - has got to be the approach to take.

It just struck me that the VB program I wrote to check that web sites are still 'alive' could easily be tweaked to check that the porn and gambling sites are still alive on a very frequent basis...:)

Not that I'd do such a thing...not if I could be traced, anyway...:)

Joe

Originally posted by JoePritchard
It would be interesting to see what would happen if Lycos WAS sued - surely the companies that spam supports, who must have means of converting sales to cash and banking that cash - must also be open to charges of 'bandwidth abuse'.

The fact that Lycos are being hacked and the spammers are whining shows that it's getting through. Going after 'the money' - and let's face it, people pay spammers to do this - has got to be the approach to take.

It just struck me that the VB program I wrote to check that web sites are still 'alive' could easily be tweaked to check that the porn and gambling sites are still alive on a very frequent basis...:)

Not that I'd do such a thing...not if I could be traced, anyway...:)

Joe

Lycos being an american company could be sued under american law by a foreign company, which in turn is not subject to american law and so cannot be counter sued... maybe.
I presume that the sites which profit from spam will be careful to claim that they do not send the spam and it would be difficult to prove that they did apart from the circumstancial evidence of them benefitting from it...

Originally posted by Cyclone
Lycos being an american company could be sued under american law by a foreign company, which in turn is not subject to american law and so cannot be counter sued... maybe.
I presume that the sites which profit from spam will be careful to claim that they do not send the spam and it would be difficult to prove that they did apart from the circumstancial evidence of them benefitting from it...

The 'circumstantial evidence' thing is interesting - if you advertise on pirate radio, you're still in contravention (under UK law) of various broadcasting laws. (I think...it's a while since I've looked this up).

But, all you'd need to do is ask them how they DO advertise their wares. If the amount of traffic they get is not comensurate with their style of advertising, then whack 'em in the same way they hit people who make money from drugs or prostitution. Of course, the fact that several of the spamming beneficiaries are in places like Korea and China would make life more difficult.

The companies that provide the web hosting services are often the same for hundreds of spam beneficiaries, so why not go one step higher up the food chain and hit those hosting companies?

Or....ask Visa, mastercard, Amex, paypal, Worldpay, et al not to process the money.

Joe

Originally posted by Cyclone
in turn this now consumes bandwidth as well.... ddos attacks are illegal under some legislation aren't they, and damages includes the recovery of costs for the bandwidth of all networks that the traffic crosses.
Lycos could be setting themselves up for a huge legal bill....


I don't think so.IMO

If I set up a webserver on my home box and opened it to the net (with small amount of upstream bandwidth), I could claim denial of service attacks whenever anyone accessed my homepage.

These spammers sites are being forced off the net because makelovenotspam overestimated their capacity. At the moment they are tuning the screensavers instructions to tone it down, as all they want to do is request content, and increase response times, but not exclude other users from the site. They have been victims of their own success.

I think it is borderline as to whether it consitutes a DDOS, because that is usually carried out by one organisation with an army of compromised computers.

In this case users are willingly downloading the screensaver, installing it themselves and intentionally participating in a campaign to fulfil the wildest clickthrough dreams of any internet spam marketeer. a 100% clickthrough rate for every email sent, in principle.

It's like someone paying the postage for you to post you old AOL cds back to the AOL chairman personally.

You could do it yourself, but someone has just made it easier for you, and everyone else. (nomoreaolcds.com) Makelovenotspam.com follows a similar particpatory model.

It does add to network traffic, that is undeniable, but it has not, according to what I've perused, added a significant amount, and neither has it made a defining attempt to swamp the offending sites.

And since a lot of these sites are held on servers in places like china to avoid us anti spam regs, the chances of a lawsuit against lycos europe (who are just distributors for the software, which is made my makelovenotspam.com) are slim to non-existent IMO.

The only sites being named are urls in emails (i.e an invitation to "hit" like an invitation to treat). the spammers emails are provided by spamcop.