DDoS Spam Feud Backfires: Bulletproof CyberBunker Busted

  /     /     /  
Publicated : 22/11/2024   Category : security


DDoS Spam Feud Backfires: Bulletproof CyberBunker Busted


Stophaus.com campaign and anarchic, allegedly pro-spam Dutch hosting provider have apparently been disrupted via ongoing DDoS attacks.



Anonymous: 10 Things We Have Learned In 2013 (click image for larger view and for slideshow)
Distributed denial-of-service (DDoS) attack proponents beware: Your own websites may also be targeted for disruption.
The anything-goes Dutch hosting provider
CyberBunker
, which has been accused of backing a DDoS disruption campaign against anti-spam site Spamhaus, as of Thursday morning found its own
supposedly bulletproof website
knocked offline, making it the apparent victim of a sustained DDoS attack.
Thats an ironic twist for CyberBunker, which has been one of the most outspoken proponents -- and, some have alleged, sponsors -- of a week-long series of
massive DDoS attacks against Spamhaus
.
Attempts to reach CyberBunker for comment failed, in part because the companys Web-based contact form remained offline. Likewise, Sven Olaf Kamphuis, a spokesman for CyberBunker, didnt immediately respond to a message sent to his personal Facebook account, seeking comment about the apparent DDoS campaign targeting the hosting provider.
[ Meet the new cybercrime policy proposal, same as the old cybercrime policy proposal. See
Tougher Computer Crime Penalties Sought By U.S. Legislators
. ]
CyberBunker, which says its headquartered in an ex-NATO former military nuclear warfare bunker that is currently utilized as bulletproof data center, made a name for itself by advertising services to any website except child porn and anything related to terrorism. The company previously gained notoriety for providing hosting to the Russian Business Network cybercrime gang, which the
FBI ultimately helped dismantle
.
Lately, CyberBunker has backed the so-called Stophaus.com campaign, which is designed to knock anti-spam organization Spamhaus offline. As of Thursday morning, however, the Stophaus.com website was also unreachable, with the homepage resolving to a page that read only database error.
CyberBunker spokesman Kamphuis claimed that his company isnt responsible for the DDoS attacks that were first launched last week against Spamhaus. Well, its not us, its a group of Internet providers which goes under the name Stophaus.com. Its basically a collective of a lot of people and Internet providers, and theyve had previous issues or current issues with Spamhaus,
Kamphuis told broadcaster Russia Today
Wednesday. Spamhaus pretends to be spam fighters, but effectively theyre just a censorship organization which worked itself into a position where they can just look at a website and shut it down, he said.
But CyberBunker appears to have few backers outside of pro-spam circles. These guys are just mad, Patrick Gilmore, chief architect at digital content provider Akamai Technologies
told
The New York Times
. To be frank, they got caught. They think they should be allowed to spam.
The target of the Stophaus.com campaign is the Spamhaus Project, which is based in Geneva and London, and which was founded in 1998 by Steve Linford. Currently its run by about three dozen investigators and forensic specialists. Numerous service providers, as well as government and military network operators, rely on Spamhaus real-time spam-blocking databases to help them block spam. Spamhaus is directly or indirectly responsible for filtering as much as 80% of daily spam messages,
according to Matthew Prince
, CEO of DDoS prevention service CloudFlare, which last week announced that Spamhaus had become a customer.
The anti-spam operation evinces a blunt, take-no-prisoners attitude, which has included publishing names and photographs -- including images that appear to be family photos -- of people in its
Register Of Known Spam Operations
(ROKSO) database, which lists what it says are the worlds top 100 spammers, collectively accounting for 80% of all spam. Spamhaus has also accused Andrew Jacob Stephens (aka Mail Mascot), whos
listed in its ROKSO
, as being the prime mover behind the Stophaus attacks. It also
traced a fake Anonymous Operation
-- Operation Stophaus -- supposedly launched last week, to Stephens. Spamhaus anti-spam crusade often sounds personal. Its listing for Stephens, for example, accuses him of being a spamware, spam service and spam list seller, who sells spamware designed to break federal law in the U.S., and who fraudulently sells harvested lists as opt-in, sells bulletproof hosting and showshoe mailing setups to other naive spammers. Finally, it accused him of setting up a fake church to scam donations and try to avoid paying taxes.
Spamhaus provoked the ire of CyberBunker in October 2011, after it designated the hosting provider to be providing a spam support service, and asked the companys upstream service provider, A2B, to cancel its service. After A2B declined, Spamhaus responded by blacklisting A2B in its entirety, which did drive the service provider to drop CyberBunker as a customer. But A2B also
filed a complaint with Dutch police
, accusing Spamhaus of extortion.
CyberBunker is now leading a battle to scuttle Spamhaus. We were the only ones to have the balls ... to not cave in to Spamhaus demands, said CyberBunker spokesman Kamphuis. I mean these people are blackmailing national domain registrars. The national Russian telecom regulatory people called them an illegal organization.
The DDoS resources brought to bear in attacks against Spamhaus suggest just how lucrative the practice of mass emailing -- or spamming -- can be, which also explains why many criminal gangs are involved. Numerous malware gangs, for example, use botnet-driven zombies to infect PCs and turn them into spam relays, sending emails
selling pharmaceuticals and luxury goods
, or distributing yet more malware, including malicious Trojan applications designed to steal peoples personal financial information.
As Spamhaus success has eroded the business model of spammers, botnet operators are increasingly renting their networks to launch DDoS attacks, said CloudFlares Prince.
The ongoing battle between Spamhaus and the business interests that its apparently disrupting highlights the extent to which laws can do little to arrest spam. Legislative window dressing such as the
Can-Spam Act
passed by Congress in 2003 unfortunately lives up to its double meaning, since so much spam today either gets issued from countries that dont police mass-email purveyors, or generated by malware thats infected otherwise legitimate PCs.
But as shown by the months-long Operation Ababil campaign being
waged against U.S. banks
, blocking DDoS attacks outright remains tough, and tracing the attacks back to the organizations that are launching or funding them appears to remain quite difficult.
Indeed, asked to respond to a
BBC report
that at least five governments have tasked law enforcement teams to investigate the DDoS attacks, CyberBunker spokesman Kamphuis appeared to be unconcerned. I doubt that the people who did the attacks are in any country where doing a DDoS attack is illegal or where they can even be found -- so, not much issue there, he said.

Last News

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
DDoS Spam Feud Backfires: Bulletproof CyberBunker Busted