CastleCops.com Hit With Reputation-Based Attacks

An anonymous reader writes "The all-volunteer based online fraud fighting group CastleCops.com is currently the target of ongoing reputation-based attacks in which criminals use phished PayPal accounts to donate thousands of dollars to CastleCops from dozens of victims. This attack appears to be in response to a recent series of failed denial-of-service attacks against the CastleCops, Web site. From the story: 'A few donations were for as little as $1, while other fake donations ranged as high as $2,800. To the victims of the stolen PayPal accounts, it looks as if CastleCops is the one stealing their money, when in reality, it's the attackers. Also, the fraudulent activity seeks to ruin their relationship with PayPal.' In a comment left on Washingtonpost.com's Security Fix blog, CastleCops co-founder Paul Laudanksi says while the group's site remains under a heavy DDoS attack, it is currently down due to a hardware failure, not the attack itself."

You'd think...

[ackthpt]

With CastleCops.com as a honeypot, ISPs could be contacted to the origin of the DDoS attacks, PayPal could do some investigating of their own as to the IP origins of donations and do something about this stuff.

Fer Bob's sakes, this isn't 2001 anymore, when are these companies and perhaps goverment going to make some strides in shutting down bots and zombies?

How did we get here?

[Anonymous Coward]

How did we arrive at such a completely fucked-up state of affairs, where organized gangs from Russia control what is (arguably) the most powerful supercomputer in existence? How is it that cyber-criminals are able to act with such total impunity? Am I the only person who doesn't understand how this is being ignored amid all the noise about "the war on terror"?

Re:How did we get here?

[DragonTHC]

Russia doesn't care about this stuff. They are busy buddying up with china. And, china is busy hacking DoD servers.
The russian mafia has been in control of the country since the fall of the soviet union. The FSB is made up of former KGB and mafia officers.
These gangs operate with complete impunity.
The answer to these problems is physically denying network access to these countries. Turn off their Internet access.
This creates two problems: Let's see how long russia can go without the Internet, and let's see how long the rest of the world can go without russian porn.
While it's no surprise that communism creates immoral and unethical people, The US government needs to create a policy that makes sense.

The US government will not create that policy because russia is up to its old tricks. Russia has resumed bomber patrol flights. Russia is partnering with china in all sorts of treaties. Russia is creating tension over the US planned missile defense station in eastern europe.

The government, while not the stupid people we believe them to be, will not take steps to aggravate real potential threats against the country.
Their "war on terror" is just a ploy to trick the American people into stepping up military production.

Make no mistake, there is a storm brewing between the US and China. Russia has chosen their side. The middle east is the only unsecured front right now. The US is trying to secure it. Iraq is going to be full of air bases and US production facilities.

So, when organized hacker gangs terrorize American citizens, the US treats it like a civilian law enforcement matter. The US cannot afford to provoke aggression from the Russians.

Re:Not until a law is passed.

[apt142]

It also costs the ISP's money to leave the bot nets up. Imagine how much bandwidth would just free itself up if all the spam, phishing, DDoS, and virus attacks just stopped. I don't know the statistics, but it must make up a shit load of traffic.

Of course, there is a profit to be made in people upping their connection speeds because their pwnd computer is spewing garbage.

But, if I were offered a service where I could count on less of this crap clogging up my tubes, I'd take it.