[ISN] Lycos anti-spam site hit by hackers

InfoSec News isn at c4i.org
Wed Dec 1 06:09:10 EST 2004


Munir Kotadia
ZDNet Australia
December 01, 2004

Spammers are suspected of hacking into and downing Lycos's anti-spam
Web site just hours after it went live. The Web site is currently
inaccessible and could also be the victim of a DDoS attack.

Lycos on Tuesday kicked off its "make love not spam" campaign by
offering users a screensaver that helps to launch distributed
denial-of-service (DDoS) attacks on spammers' Web sites. The company
said the screensaver uses the idle processing power of a computer to
slow down the response times from spammers' Web sites - much in the
same way spammers use compromised PCs to distribute unsolicited email

However, within hours of the makelovenotspam.com site being launched,
the original front page was replaced with a simple message:

"Yes, attacking spammers is wrong. You know this, you shouldn't be
doing it. Your IP address and request have been logged and will be
reported to your ISP for further action."

Finnish antivirus firm F-Secure, which advised users not to
participate in Lycos' campaign because of "possible legal problems",
suspects the site has been hacked by a pro-spam group because "they
definitely would have a motive to attack the site".

F-Secure reported that the Web site had returned to normal by around 6
a.m. (Sydney time) but at the time of writing makelovenotspam.com was
unavailable and could be under a retaliatory DDoS attack.

Earlier this year, Symbiot, a Texas-based security firm launched a
corporate defence system that was designed to fight back against DDoS
and hacker attacks by launching a counter-strike.

At the time, Symbiot's president Mike Erwin said that "totally
passive" defences were "not an adequate deterrent" and argued that for
complete defence an "offensive tactic must be employed".

Security experts were alarmed at the company's attitude and warned
that such tactics could be counterproductive.

Jay Heiser, chief analyst at IT risk management company TruSecure,
said Symbiot's proposal was a very bad criterion for choosing
risk-reduction measures.

"There is no evidence that this is the most effective way to deal with
the problems and there is quite a bit of historical precedence that
indicates it is totally counterproductive," said Heiser.

Lycos was unavailable for comment.

ZDNet Australia's Munir Kotadia reported from Sydney.

More information about the ISN mailing list