Please create an account to participate in the Slashdot moderation system


Forgot your password?
Security Spam

Password Gropers Hit Peak Stupid, Take the Spamtrap Bait 100 (447981) writes Peter Hansteen reports that a new distributed and slow-moving password guessing effort is underway, much like the earlier reports, but this time with a twist: The users they are trying to access do not exist. Instead, they're taken from the spamtrap address list, where all listed email addresses are guaranteed to be invalid in their listed domains. There is a tiny chance that this is an elaborate prank or joke, but it's more likely that via excessive automation, the password gropers have finally hit Peak Stupid.
This discussion has been archived. No new comments can be posted.

Password Gropers Hit Peak Stupid, Take the Spamtrap Bait

Comments Filter:
  • I expect his file was probably indexed by a search engine (he does talk about it fairly often in his blog) and the botnet found it there. The botnet isn't smart enough to know that the email addresses aren't real - it only knows they are valid - so it went ahead and went for it. Hell if you were looking to compromise email addresses for your own nefarious purposes and had a small army of compromised PCs to attempt the password hacking, you wouldn't care if you were attempting to access valid addresses or not.
  • by ZorinLynx ( 31751 ) on Wednesday August 13, 2014 @10:46AM (#47662897) Homepage

    Populate the net with files like this full of E-mail addresses that are not valid. Have dummy accounts on the appropriate servers that will accept the logins, allow the spambots to think they're successfully sending E-mails when in fact they're all going into the bit bucket.

    For added effect, make the servers respond v e r y s l o w l y under these accounts, taking tens of seconds to "send" the E-mail, a minute or so to log in, etc. Basically, slow the spam bots down and waste their time. Of course, the bots will probably eventually evolve to detect such shenanigans, but why make spammers' jobs easy? :)

When you make your mark in the world, watch out for guys with erasers. -- The Wall Street Journal