Slashdot Log In
BlueSecurity Database Compromised?
from the bad-news dept.
Stray1 writes ""You are recieving this email because you are a member of BlueSecurity...." An email from unknown detractors has taken the Bluesecurity anti spam lists and decided to take matters into their own hands. I recieved this Email from an anonymous, and garbled host, which went on to say in not so fantastic english that I, as a Blusecurity member, would recieve this and many more (about 20 -30) spam messages a day until I left the blue security community. Blue Security, (www.bluesecurity.com)a website and community designed to lessen your Spam Email, is down for the moment. Is this what we have come to? Spam,(erm 'high volume email') companys holding your address hostage until you comply? "...We mightve had your email addresses before in our lists, but now, we are targetting YOU, because YOU are a bluesecurity user". I have to say, up until this point, my spam was down by about 70% to 80%."
I'd call the bluff (Score:5, Insightful)
Screw the spammers. (Score:4, Interesting)
What must be done (Score:4, Interesting)
Re:What must be done (Score:4, Funny)
Sure, it's a nasty form of attack, but then that's no less than spammers deserve.
Parent
Re:What must be done (Score:4, Interesting)
Actually, there's a very nice client written in C++ that does a damn good job. No CC data or anything, but 'please remove me' forms. If you're confused, read the article again; it's mentioned.
Parent
Re:What must be done (Score:5, Insightful)
If you're confused, read the article again; it's mentioned.
Thanks Tips, but all four links in the article seem to be unreachable.
Parent
Re:What must be done (Score:5, Interesting)
Parent
Re:What must be done (Score:3, Insightful)
Problem is, that to waste their time, you have to waste your time. I sometimes do respond to junk (paper) mail by sending random junk in the envelope. Sometimes I actually write a letter demanding they remove me from their lists. No matter what I do, it doesn't end. Capital One still sends me junk mail despite multiple letters between us -- me demanding them to stop, them reassuring me they will honor my request. Junk mail is even worse because it is more anonymous -- it is easy to forge headers and mask wh
Re:What must be done (Score:4, Informative)
Parent
Re:What must be done (Score:3, Informative)
'According to rule 917.243(b) in the Domestic Mail Manual, when a business reply card is "improperly used as a label"--e.g., when it's affixed to a brick--the item so labeled may be treated as "waste." That means the post office can heave it into the trash without further ado.'
Re:What must be done (Score:3, Informative)
Re:What must be done (Score:4, Funny)
The brick idea, no. But the SD article made a nice suggestion - A rectangular chunk of nice thick sheet metal would fit well inside the return envelope, yet weigh far more than one ounce.
Also, one point on the SD article:I can tell you exactly why people ask for more junk mail...
They own wood stoves.
Parent
Unrestricted Warfare (Score:5, Funny)
Re:Unrestricted Warfare (Score:3, Funny)
Shortly thereafter, the global average temperature will fall a few degrees?
So, is the database compromised? (Score:4, Interesting)
BlueFrog has been criticised for it's so-called "vigilante" approach.. it's not alone in this approach, but perhaps this does go to show a potential downside: spammers are evil - pissed off spammers will simply direct the evil at the people who pissed them off.
Re:So, is the database compromised? (Score:3, Insightful)
So what do we do -- surrender, because some spammer compromises this one system? Blue Frog has its own problems, but their idea is sound, if a bit "above the law." Let Blue Frog users forward the emails to them and let the company go after the spamm
Re:So, is the database compromised? (Score:4, Informative)
I am a victim of the blackmail letter as well. It's easy to figure out how the spammers got my email address, they already had it. They simply backed up their address book, cleaned their list with Blue Security's tool, then "diffed" the database to figure out who was BlueSecurity member.
Another note, BlueSecurity is not Slashdotted. It is unavailable because of a DDoS attack started sometime earlier this week. The attack started submitting invalid PHP requests, making the site slow to a crawl and at times be completely unavailable.
I write about it on my blog. [blogspot.com] More on the attack here. [realtechnews.com] The threating letter I received is also on my Slashdot journal.
Parent
Re:So, is the database compromised? No. (Score:5, Informative)
What's lkely happening: Spammer has a mailing list. Spammer uses BlueSecurity's "cleanlist" tool to clean registered addresses from his mailing list. Compare original list to cleaned list - email addresses that are in the first but not the second are BlueSecurity registered.
By this logic, email addresses that the spammer does not already have are not made available to the spammer in any way via BlueSecurity's own list. Delivery patterns of the attack spams support this observation.
I'll also note that Gmail's own spam filters are already capturing all of these attack spams; I only got two in my mailbox this morning, about 50 more were filtered.
This is the first time I'm aware of that a spam prevention service has worked so well that it's got a spammer pissed off enough to lash out. BlueSecurity++
Parent
Bluefrog does WHAT? (Score:3, Funny)
WHAAAAAT?
Bluefrog HELPS SPAMMERS LISTWASH?
Holy fuck. They should say to spammers, 'No, we won't tell you who our users are. Just stop spamming everyone for whom you don't have a confirmed opt-in, and you won't have any more trouble from us.'
If they're helping spammers listwash, then they're firmly on the Dark Side. Fuck 'em.
Monty Python (Score:3, Funny)
How about posting the web site addresses involved? (Score:3, Funny)
Email I Received (Score:5, Informative)
----
You are being emailed because you are a user of BlueSecurity's well-known software "BlueFrog." http://www.bluesecurity.com/ [bluesecurity.com]
Today, the BlueSecurity database became known to the worst spammers worldwide. Within 48 hours, the database will be published on the Internet, and your email address will be open to them all. After this, you will see the spam sent to your mailbox increase 10 - 20 fold.
BlueSecurity was illegally attacking email marketers, and doing so with your help. Many websites have been targeted and hit, including non-spam sites. BlueSecurity's software has been fully analyzed, and contains an abundance of malicious code. This includes: ability to send mass mail to users; the ability to attack websites with Distributed Denial of Service attack (DDoS); the ability to open hidden doors on any machine on which it is running; and a hidden auto-update code function, which can install anything on your computer and open it up to anyone.
BlueSecurity lists a USA address as their place of business, whereas their main office is in Tel Aviv. BlueSecurity is run by a few Russian-born Jews, who have previously been spamming themselves. When all is said and done, they will be able to run, hide and change their identities, leaving you to take the fall. YOU CANNOT PARTICIPATE IN ILLEGAL ACTIVITIES and expect to get away with it. This email ensures that you are well aware of the situation. Soon, you will be found guilty of computer crimes such as DDOS attacking of websites, conspiracy, and sending mass unsolicited bulk email messages for everything from viagra to porn, as long as you continue to run BlueFrog.
They do not take money for downloading their software, they do not take money for removing emails from their lists, and they have no visible revenue stream. What they DO have is 500,000 computers sitting there awaiting their next command. What are they doing now?
1. Using your computer to send spam ?
2. Using your computer to attack competitor websites?
3. Phishing through your files for your identity and banking information?
If you think you can merely change your email address and be safe while still running BlueFrog, you are in for a big surprise. This is just the beginning...
Go ahead, grab the snake... (Score:4, Funny)
PLUS! The blue security e-mail database contains a bogus honeypot address per each valid e-mail address.
If this rumour is true, it will be a fatal mistake for the spammers. Because the blue community are ALREADY fighting back. Not only with form complaints on the spammers' websites, but with FORMAL complaints to the FCC, geocities, Microsoft,the MPAA and the FDA about illegal offers.
I joined Blue Security because I already receive 100 spam mails PER DAY. Do you think it'll make a difference whether I receive 100 or 500 e-mails a-day? (99.9% of it is sent to my junk-mail, where it's fed back automatically to Blue Frog)
I feel no mercy for spammers. That's right, you're messing with the wrong guys. The release of this list will only make us MORE POWERFUL.
Do you feel lucky? PUNKS?
P.S. Interesting - the captcha for this post was "predate". I like it. B-)
Parent
Re:Email I Received (Score:3, Informative)
No, it absolutely does not confirm that they've been hacked. See my previous comment about how it's likely that the spammer simply confirmed BlueSecurity registration for addresses he already has, but is unable to get new addresses out of the BlueSecurity database.
http://it.slashdot.org/comments.pl?sid=184656&cid= 15245875 [slashdot.org]
Nice FUD but... (Score:5, Insightful)
Parent
Re:Email I Received (Score:4, Informative)
Parent
The REST of the story ... (Score:3, Insightful)
Contrary to what the author wrote, there's closer to 475,000 members, not just a few 10's of thousands, enough that several major spammers have already agreed to not spam members due to the huge financial hits they were taking with the bluefrog choking off their websites.
What a joke, what dumbass would really believe that the spammers will not spam you if you leave blue security? Who here will admit to believing the criminals?
What I received (Score:5, Interesting)
"Hey,
You are recieving this email because you are a member of BlueSecurity (http://www.bluesecurity.com).
You signed up because you were expecting to recieve a lesser amount of spam, unfortunately, due to the tactics used by BlueSecurity, you will end up recieving this message, or other nonsensical spams 20-40 times more than you would normally.
How do you make it stop?
Simple, in 48 hours, and every 48 hours thereafter, we will run our current list of BlueSecurity subscribers through BlueSecurity's database, if you arent there.. you wont get this again.
We have devised a method to retrieve your address from their database, so by signing up and remaining a BlueSecurity user not only are you opening yourself up for this, you are also potentially verifying your email address through them to even more spammers, and will end up getting up even more spam as an end-result.
By signing up for bluesecurity, you are doing the exact opposite of what you want, so delete your account, and you will stop recieving this.
Why are we doing this?
Its simple, we dont want to, but BlueSecurity is forcing us. We would much rather not waste our resources and send you these useless mails, but do not believe for one second that we will stop this tirade of emails if you choose to stay with BlueSecurity.
Just remember one thing when you read this, we didnt do this to you, BlueSecurity did.
If BlueSecurity decides to play fair, we will do the same.
We are quite sure you will think this will not continue, that we will not continue wasting our resources doing this, feel free to wait out the first 48, or the second, and see whether these stop, you will be quite suprised.
If you have another email under the protection of bluesecurity, and have not recieved this there, do not worry, you will soon enough.
We mightve had your email addresses before in our lists, but now, we are targetting YOU, because YOU are a bluesecurity user.
You might also notice, that the BlueSecurity site(http://www.bluesecurity.com) is down..
Just remove yourself from BlueSecurity, and make it easier on you.
Sal Webber"
Blue security must be working (Score:5, Insightful)
Blue Security coming back online (Score:3, Interesting)
As many spammers choose to comply with the Registry (see our recent blog posts here [bluesecurity.com], here [bluesecurity.com] and here [bluesecurity.com]), other spammers may resort to other means in an attempt to avoid compliance.
A major spammer had started spamming our members with discouraging messages in an attempt to demoralize our community. This spammer is using mailing lists he already owns that may contain addresses of some community members.
We have also received complaints from users about spam allegedly sent from Blue Security promoting our anti-spam solution and our web site. This is yet another tactic used by some spammers in an attempt to slander us by sending unsolicited email forged to appear as if it was sent from Blue Security. Blue Security is an anti-spam company determined to fight spam and as such never has and never will send unsolicited email.
Our answer to those criminals should be one - we will not be discouraged; We will continue to exercise our right to opt-out of spam.
If you are not a member of our community, now is the time to actively fight spam and make spammers leave you alone. For more information click here.
If you are already a member of our community, make spammers hear you load and clear - report your spam, let Blue Frog fight spammers on your behalf.
We regret any inconvenience caused by this incident.
Best Regards,
Blue Security.
They don't have the database! (Score:5, Informative)
First they ignore you... (Score:4, Interesting)
then they fight you...
then you win
One thing is safe to know: At least the spammers are now PAYING ATTENTION to us. A year ago they didn't even know we exist. Then they tried to give bad publicity to Blue Security in anti-spam websites (they said bluefrog was a botnet).
Later, SendSafe [oreilly.com] included an option to use bluefrog's list to NOT send spam to those addresses.
Finally, they're targeting us directly. You know what that means B-)
Also, I doubt the database's been compromised. I'm sure they only diffed the original and the filtered e-mail list. This means that only a small percentage of e-mail targets has been truly released.
Re:First they ignore you... (Score:3, Interesting)
<tt>
Dies ist eine automatisch erstellte Benachrichtigung +APw-ber den Zustellstatus.
+ANw-bermittlung an folgende Empf+AOQ-nger fehlgeschlagen.
dunham@cardse.com
Final-Recipient: rfc822;dunham@cardse.com
Action: failed
Status: 5.1.1
---------- Forwarded message ----------
From: "BlueFrog member" <bryan@fordi.org>
To: <dunham@cardse.com>
Date: Tue, 02 May 2006 20:28:24 +0300
Subject: {Spam?} FW:Join the top-level Israel internet sec
Anyone even bother to research this? (Score:3, Interesting)
Hasn't anyone gone to bluesecurity.com to actually see what THEY have to say about this "security breach"?
I have two other email address that WERE NOT signed up with BlueFrog also getting this spam.
BlueSecurity's official statement is this:
In short, the spammers are PISSED and they'll do anything to get people to unsubscribe from BlueFrog, including sending spams with lies. Don't fall for it. Keep fighting spam.
DoS and Explanation (Score:4, Informative)
According to this article [realtechnews.com] BlueSecurity is the target of a DoS attack.
Also, here's their explanation of the spammer's countermeasure:
Makes sense to me, and explains why only BlueSecurity users are getting the emails.
Re:Eye for an Eye? (Score:4, Insightful)
'Vigilante' would imply something illegal is going on. This is market forces at work - more effective, generally, than government intervention.
Parent
Re:Eye for an Eye? (Score:5, Insightful)
This is 'a community action to produce a market incentive', which is wholly different from 'vigilantism', at least in a literal sense.
Sure, sure, it looks like we're locked in this huge digital superhero battle between the evil spammers and the innocent citizenry, but face it: We're making an attempt to prevent high-volume e-mail to our e-mail addresses from being profitable, and that is all. We are consciously generating market pressure to achieve a goal, and we are doing it in an unorthodox, but morally and legally clean way.
A segment of the population has said, 'High-volume e-mail is annoying enough to be a breach of the peace, as far as I'm concerned. I want none of it, and I will make an effort to prevent my mailbox from recieving them, by filter and by incentive."
Your use of the term 'vigilante tactics' is an obvious attempt to cast a dim light on the activities of the Blue Security community. It brings a baseless accusation to mind - and this being slashdot, I'm inclined to make it - but I think I'll leave the obvious to the outside observer.
Frelling trolls.
Parent
Re:Eye for an Eye? (Score:3, Interesting)
YOU CANNOT PARTICIPATE IN ILLEGAL ACTIVITIES and expect to get away with it.
So... but it's okay to forge headers, right? And use a botnet to flood my inbox with this crap, right? A botnet which was built by writing a virus that would turn an unsuspecting user's computer into a zombie so you could pump out more of this crap like a frikkin' coward from some bunker in the midwest. That part is totally a-okay right?
News flash for pathetic spamm
Re:Eye for an Eye? (Score:3, Insightful)
Re:Eye for an Eye? (Score:3, Interesting)
Re:vigilante rant (Score:3, Interesting)
Anyway, that sort of behavior will almost always get you marked offtopic. Just cos it relates in some vague, hazy way does not make it relevant.
I may be ignorant, but I'd like to see how illegal immigrants are more of a threat to a 'blue-collar' (unskilled labor) job than legal immigrants. Further, I'd like to know why there's such a glut
Re:Eye for an Eye? (Score:5, Interesting)
Actually, I've found that things some people think are unfortunate or bad beget shallow, empty platitudes.
Sometimes, violence simply ends violence, because there is no other way. Sometimes, fighting fire with fire is the best way. Sometimes showing someone what it's like to suffer the consequences of their own actions actually changes their behavior.
I'm all for as many technical approaches as possible, but finding "a real solution to the problem" that doesn't involve some degree of making this painful/costly for the spammers simply isn't going to work. Even if, through filtering, you can get 99% of the stuff blocked, all they have to do is increase the volume that much more to make that remaining 1% still pay off. Remember, they're not paying for their own overhead most of the time.
Your "real solution" comment, in the context of "violence only begets violence" is completely tone deaf. You're applying Israeli-Palestinian-conflict-type babble to a completely different situation. The spammers are not oppressed, or the victims of some historical violent wrong... they're a parasitic, bandwidth sucking plague. Any means by which we can stop them is called for. Surely you don't think that you're going to just turn the other Bayesian Filter Cheek, or write a Korea-bound, thought-provoking appeal to integrity and expect the onslaught to stop? Tempting as it is, no one is suggesting actual violence - just a substantial response in kind, only when provoked. It's called self defense, and it's an appropriate measure because it only happens when an illegal spammer causes it to happen.
How fortunate for you that you've never had anything violent threaten you, requiring you to offer up a physical deterrent to stop it. If you had, you might rethink your metaphors.
Parent
Re:Eye for an Eye? (Score:3, Insightful)
I was both addict and dealer back in my late teens. I got out of there damned quick when I saw how dangerous it was (got clipped in the ear during a soured deal - damned lucky I got out alive).
You say you continued to work in
Re:Eye for an Eye? (Score:3, Insightful)
Naaah, let's just spam the bastards 'till they're blue. If I got a blackmail message like that, I'd change my e-mail (I know it'as not easy but it isn't THAT hard too) and setup a friggin server cluster to spam the spammers.
It's the war against spam people, if you're not with us... you're funding spam activities, there we go.
Neville Chamberlain, is that you? (Score:3, Insightful)
Re:Eye for an Eye? (Score:3)
What a load of hippie crap. Next thing you will probably move on to even more idiotic bumpersticker philosophy like "violence never solved anything."
Learn the difference between initiating force and resisting it. One is perfectly moral and one isn't. Resisting violence often reduces future violence instead of 'begating violence.' Since you lack clue I'll state the obvious, the violent only attack those who they believe to be weaker. (unless they a
Re:Eye for an Eye? (Score:3, Insightful)
I believe that some 2000 years ago they nailed someone to a cross who had pretty similar ideas.. Seems he has a huge following outside the hippie scene also. Ok, I have to say that he looked a bit like a hippie.
Learn the difference between initiating force and resisting it. One is perfectly moral and one isn't. Resisting violence often reduces future violence instead of 'begating violence.' Since you lack clue I'll state the obvious, the violent only attack those who they believe
Re:Eye for an Eye? (Score:3, Funny)
Don't Back Down (Score:3, Insightful)
All the best with it.
Re:So... (Score:4, Interesting)
Meanwhile, stay on, ride it out. Use your spam filter to catch the spams; heuristics will still capture the spams they're sending if they're reported. This guy is desperate - likely going bankrupt - and some of us in the Blue Community would like to see him and his sort become paupers for their asshattery.
Parent