• Announcements

    • Budfred

      IE 11 copy/paste problem

      It has come to our attention that people using Internet Explorer 11 (IE 11) are having trouble with copy/paste to the forum. If you encounter this problem, using a different browser like Firefox or Chrome seems to get around the problem. We do not know what the problem is, but it seems to be specific to IE 11 and we are hopeful that Microsoft will eventually fix it.
Sign in to follow this  
Followers 0
Mike

SWI hit by another DDoS attack

46 posts in this topic

Yesterday afternoon, SpywareInfo was hit by another distributed denial of service attack. At 12 midnight this morning, the site finally went down. Unfortunately I was offline because of a thunderstorm, so it stayed down until I got online today. Some changes have been made in the datacenter and the site should be fine now. Sorry for the inconvenience.

 

The forums were not effected by this attack.

Share this post


Link to post
Share on other sites

Ddos them back starting with cws.

Make a tool and spread it the legal way and organise a ddos session on cws.org. Think you could even do it legaly becaurse if the things cws is doing is legal why should it be illigal when we do it. Ow not doing it in the name of SWI ofcourse but if an anonimous would make a tool and do it to them.

The law isn't doing anything to stop this so why not take action ourselfs.

 

Serious here.

Share this post


Link to post
Share on other sites

Doing that would only reduce us to their level, which I, for one, am not willing to do. I'm not trying to lecture here, but none of us on this site should even make suggestions like the one above.

Mike's been trying to spread the word about SPYBLOCK Act, S. 2145, which if passed should help ease the problems of malware a great deal, so contact your senators and spread the word.

Share this post


Link to post
Share on other sites

While you wait 5 year cws(as example) will damaged numerous computers and waste valible time of computer owners. Also I dont see it as lowering to their level. This is a problem were the whole world have to deal with, not only the US so even if USA adops(sp) Mike's proposal the spyware will continue becaurse the spyware will come from other countries were USA cant get involved with becourse it has no jurastiction in that country.

Edited by SirPeter

Share this post


Link to post
Share on other sites

That Spyblock stuff, does it only affect USA laws?

 

I was wondering about DDoS again, is it even legal?

 

Cause honestly... I know this may sound dumb... but why not? They deserved it more than anything...

 

Otherwise, if it is legal, who's up for some secret meetings outside SWI :D

 

Hahaha, just kidding, I don't personally think we should lower ourselves to their level as a group... but thinking OUTSIDE of SWI, as individuals, if it is all legal, why not? As long as we don't do this on SWI's behalf, and we do it as individuals...

 

I don't know...

 

 

Bad Idea though...

Share this post


Link to post
Share on other sites

My firewall has been listing weird hits from China. Is this attack coming from China?

Share this post


Link to post
Share on other sites

DDOSes are a violation of your Terms of Service with most ISPs. If they catch you, they cut you off. Here in the USA, it's also a violation of the FCC "access to communications" act, probably at least a misdemeanor. I've forgotten when it was implemented, but it basically says it's illegal to restrict someone's access to communications, which a DOS surely does. I had to find a copy of it once 'cos a friend couldn't put up a small satellite dish, per newly instituted "association" rules. The association backed down when they got a nasty-gram from the FCC.

 

side note:

I used to mail-bomb spammers by sending 'em 500K chunks of aggregated spam that I'd gotten previously. After about 4 to 10 <send> buttons, they'd start bouncing as their server went full. Poetic justice, if you think about it. One of 'em complained that their mailbox blew up (my heart bleeds for you) and my ISP warned that further retribution on my part would end my access. I've played nice since then. The tech guy at the ISP was amused at what I was doing, but it was illegal and he had to play it hard. I'm sure he was wishing he could figure out a way to do the same thing legally.

 

Soapbox:

With this latest round of hijacks and malware the last several months, it's getting bad enough that The Herd may finally stand up and bleat their annoyance. If the entire Internet Community agreed, we could IDS (Internet Death Syndrome) the servers that are foisting this cr#p off by simply not routing packets to or from them. They do NOT have a "right" to attack computers at random, and we can stop 'em. It'd take coordinated effort with the routers surrounding 'em, but it's do-able. Personally, I'd take the same approach with SPAM, but it's getting a lot harder to track the idiots down. If you figure out how many man-hours have been lost due to SPAM and hijacks, this last several months counts as a worse disaster than most hurricanes, and it's approaching World War status.

It'd likely only work in a few countries, but we COULD filter out the stuff being thrown in from offshore with sufficient packet filtering. They'd have to beef up the main nodes to handle the excess processing, but it's just tech, and we can handle that if we choose to. What say you, sheep?

Share this post


Link to post
Share on other sites

My father was so pissed when we got spyware that messed up our expensive new burner,he said he wanted to make a program that will get them back and wipe out their server...Anyone think this is possible?

Share this post


Link to post
Share on other sites

Don't sink to their level. There are... more interesting... methods that are possible, and all of them are more morally satisfying than just DDoSing the rats.

 

Besides, it's illegal, and you don't want to end up in prison, not even a minimum-security one.

Share this post


Link to post
Share on other sites
[...]

Besides, it's illegal, and you don't want to end up in prison, not even a minimum-security one.

Especially if the Evidence ELiminator site is right :eek:

Share this post


Link to post
Share on other sites

The site is under attack again. For the moment I'm redirecting to a mirror on the same server as the forums. If the forums slow down too bad, I'll switch to another mirror.

 

Edit: Not a DDoS attack this time. The main web server has died.

Edited by Mike

Share this post


Link to post
Share on other sites

It's not a DDoS this time. My main web server in Atlanta has died. The data center techs are pulling it apart now to see if the data on the hard drives can be saved :(

Share this post


Link to post
Share on other sites
[...]

Besides, it's illegal, and you don't want to end up in prison, not even a minimum-security one.

Especially if the Evidence ELiminator site is right :eek:

They still use those????

Share this post


Link to post
Share on other sites

Of all the BULLSHIT! The host for the server the forums run on SHUT THE DAMN THING DOWN! Completely without warning!

Share this post


Link to post
Share on other sites

/me sees a spyware coder laughing and starts beating the crap out of the coder. Stop laughing at Mike!

 

Anyway I hope you can save the data :(

Share this post


Link to post
Share on other sites
Of all the BULLSHIT! The host for the server the forums run on SHUT THE DAMN THING DOWN! Completely without warning!

Not the most professional act in the world; morons.

Share this post


Link to post
Share on other sites

I would say they owe you a month or more of free service....go get 'em, Mike!

Share this post


Link to post
Share on other sites

I feel we do not need to use their methods. The work that is being done here must be having some effect or they would not pay any attention to the work being done here.Another point is that what is done in here is done for righteous reasons and not for monetary gain.That I assure you pisses them off.We are on the right track here!The attacks are a good sign.The more you figure them out and undue their evil the harder they have to work, and if they want to spend time DDosing us so be it. That's less time spent on writting new evil programs to get around us.We are in their face and they don't like it!!

Share this post


Link to post
Share on other sites

I am relatively new to this, having just (finally) cleansed my PC of multiple infections of spyware. (Thanks again!) You provide a valuable service to the public. I too have seen a dramatic increase of these infections in recent months.

 

It is certainly something the government should take an interest in. It is not only counterproductive for users to have to waste their time cleaning and defending against this unethical eruption of code, but could be considered a threat to national security. What if there was another Bin Laden patiently planning a multi DDOS attack to shut down critical systems in our country? (Power grids, defense communication sattelites, etc) "Can't happen" you say?

 

You need more than just a law. You need public awareness. That creates political pressure that gets things done. Maybe a good place to start would be getting large corps like Dell and Microsoft to acknowledge the problem and lend a hand. ($$$) After all it's in their interest as well. Then you will have $$$ not only to run your site, but hire a political activist to get that public attention you deserve.

 

As for me, I will do my little part and drop a check in the mail to you. My way of saying thanks for the help, and go get em! ;)

Share this post


Link to post
Share on other sites
I feel we do not need to use their methods. The work that is being done here must be having some effect or they would not pay any attention to the work being done here.Another point is that what is done in here is done for righteous reasons and not for monetary gain.That I assure you pisses them off.We are on the right track here!The attacks are a good sign.The more you figure them out and undue their evil the harder they have to work, and if they want to spend time DDosing us so be it. That's less time spent on writting new evil programs to get around us.We are in their face and they don't like it!!

My sentiments as well. I also agree with Exasperated in Phoenix (earlier post)

 

We do have to take the high road. Why let them or anyone else think we are no better than they are? We ARE better. Those who sit around coming up with this crap have way too much time on their hands. And NO life at all, IMO.

 

I am turning into a crusader since my battle with these nasties. Just this morning, I got a pm from my sis at the ComputerCops forum. I had told her about how viruses can be sent through messenger systems and she doesn't believe it!

 

I sent a rant to her... :whistle: Didn't mean to, but it turned out that way. haven't heard back, so she might be pissed at me. Let her be. If she wants to live in DeNile, so be it. I'll just tell those who will listen and when those who didn't come back for help.....well....I'll just hold my tongue and give them all the help I can or send them to someone more knowledgeable and stress that THIS TIME they listen to every word and do exactly what they are told to do.

 

ok...I'll quit now....guess I'm still on the rant, huh?

 

Deb :wave:

Share this post


Link to post
Share on other sites
Don't sink to their level. There are... more interesting... methods that are possible, and all of them are more morally satisfying than just DDoSing the rats.

 

Besides, it's illegal, and you don't want to end up in prison, not even a minimum-security one.

why is it illegal for us to do it and not for them? not that i'd know how...

Share this post


Link to post
Share on other sites

It's illegal for both parties. They don't care about the consequences on their end, as they profit from the lack of our help.

Share this post


Link to post
Share on other sites
Don't sink to their level. There are... more interesting... methods that are possible, and all of them are more morally satisfying than just DDoSing the rats.

I agree completely.

 

Let's face it:

The adware pushers and the cws and alikes DON'T do this stuff because they get a sadistic pleasure out or messing up people's PCs, or because get off on knowing what Pr*n sites someone visits.

 

They are in it for the money. And they succeed.

 

This is why spyware busting is a lot harder than virus busting. These guys have money to throw at it, at monitoring boards, buying anti-spyware to get around it, buying dozens of domain names and hosting in some far-off places.

 

So if you want to kick them, kick them where it hurts. In the wallet.

 

This takes a bit more work, but it certainly is doable. We have been doing it also, with some mixed success.

 

How?

- Install the adware/spyware.

- Examine it to see if you can find the urls of the ads inside,

- Trigger the ads (by visiting popular shopping sites,...)

- Note and document the exact URLs of the ads

- When you have those, you can start complaining to the vendors of the advertised products (most of the time they don't know about this scam), and to the "affiliate processors": CJ, Linkshare. Chance are that they will terminate the adware owners affiliate account. Even if they don't, we can warn other vendors using the processor not to allow the adware guys to be their affiliates.

 

Getting them kicked out of an affiliate program for fraud or the likes WILL hurt them.

 

Come to think about it, it might be good idea to put up an article on this, and to have a central point to organise this.

 

Anybody interested in joining this fight?

Share this post


Link to post
Share on other sites
My main web server in Atlanta has died. The data center techs are pulling it apart now to see if the data on the hard drives can be saved :(

Had the same problem before. We actually melted 2 disks in 8 months on the previous server.

 

Our current provider also has the option for a backup data server, where we now backup all our data to every night.

 

Let me know if I can be of assistance,

Share this post


Link to post
Share on other sites
How?

- Install the adware/spyware.

yikes!

the 'isearch' thing took long enough for ad aware to get rid of... like, 2 months or something, when i highlight something on IE and right click, i get the option to 'isearch the web'

hmm maybe i dont run ad aware often enough... but it certainly did miss it for a long time

and maybe i should start using more anti spyware programs...

Share this post


Link to post
Share on other sites

I'm taking care of the redundancy. Thankfully it was a raid array, so the other hard drive saved all the data.

 

I'll be saving the server backup files to another server from now on. I could have lost 14,400 newsletter subscribers, all the content on the site and the entire malware collection in that little disaster.

Share this post


Link to post
Share on other sites
Don't sink to their level. There are... more interesting... methods that are possible, and all of them are more morally satisfying than just DDoSing the rats.

I agree completely.

 

Let's face it:

The adware pushers and the cws and alikes DON'T do this stuff because they get a sadistic pleasure out or messing up people's PCs, or because get off on knowing what Pr*n sites someone visits.

 

They are in it for the money. And they succeed.

 

This is why spyware busting is a lot harder than virus busting. These guys have money to throw at it, at monitoring boards, buying anti-spyware to get around it, buying dozens of domain names and hosting in some far-off places.

 

So if you want to kick them, kick them where it hurts. In the wallet.

 

This takes a bit more work, but it certainly is doable. We have been doing it also, with some mixed success.

 

How?

- Install the adware/spyware.

- Examine it to see if you can find the urls of the ads inside,

- Trigger the ads (by visiting popular shopping sites,...)

- Note and document the exact URLs of the ads

- When you have those, you can start complaining to the vendors of the advertised products (most of the time they don't know about this scam), and to the "affiliate processors": CJ, Linkshare. Chance are that they will terminate the adware owners affiliate account. Even if they don't, we can warn other vendors using the processor not to allow the adware guys to be their affiliates.

 

Getting them kicked out of an affiliate program for fraud or the likes WILL hurt them.

 

Come to think about it, it might be good idea to put up an article on this, and to have a central point to organise this.

 

Anybody interested in joining this fight?

That is a great idea. I would def. do my part, although i don't have the most free time in the world. And also i dont know too much about computers i'm afraid to add ad-ware to my CPU, i already got some that i can't even get rid of. I have in the past written letters of complaints about one company to another, and to some FTC and other government places, probably wrote to the wrong department anyways...

 

but just tell me what to write and to who and i'll do it whenever i get around to it!

 

-Lem

Share this post


Link to post
Share on other sites
I'm taking care of the redundancy. Thankfully it was a raid array, so the other hard drive saved all the data.

 

I'll be saving the server backup files to another server from now on. I could have lost 14,400 newsletter subscribers, all the content on the site and the entire malware collection in that little disaster.

Do you not backup the site to your own hard drive as well Mike?

Share this post


Link to post
Share on other sites

Things could be worse, there are worse things they could have done...

 

Just incase anyone doesnt know what a DoS is, heres some links (Gibson Research wrote up some reports when they got attacked - tells you pretty much everything from symptoms to solutions)

 

http://www.grc.com/dos/grcdos.htm

http://www.grc.com/dos/drdos.htm

 

This guy is bright! Even if you know what they are, i suggest you read. The guy even infiltrated the virus's communication system (the virus that goes to the 'zombie' machines)!

Share this post


Link to post
Share on other sites

I realise that at this point the sh*t hit the fan :ph34r: and everyone probably has a thousand things to do, rather than answer my question, however, please:-

 

Having been away from the forum for a month, my return found that my ID and Password had been lost. I have re-registered and set up my preferences once more, but my history, postings and just about everything else had gone. :gack:

 

My question: :scratchhead: Is this permanent or some time later will it be recovered? Your answer will let me know how much time to waste or just to leave it all temporary?

 

Regards and Best Wishes, :lol:

Share this post


Link to post
Share on other sites

It happened to me. Mike had to move the forum database to a different server, and not every user ID survived. It's permanent.

Share this post


Link to post
Share on other sites

Dear X0563511, :D

 

Thanks for your reply, at least now I know that my previous work was worth absolutely nothing. Seems strange that before this, all memory and history was saved and brought forward. :scratchhead:

 

I note that the "leaders" all have their history saved, but not the minions. I guess that we plebs have to start again from scratch, hardly seems worth it, just to have it all "lost" again, the next time all goes down? :techsupport:

 

The last time this happened, I found myself locked out, and it took some 4 weeks before I could get any answer to my entry problem, seemed just like no one even cared :bounce:

 

Best Wishes, :wave:

Share this post


Link to post
Share on other sites

Lord of The Rings,

 

Actually, no one had anything saved. Mike posted that he couldn't move anything to the new site because the database was too big.

 

see: http://www.spywareinfoforum.com/index.php?showtopic=2

 

For instance, cnm, an Administrator, had around 12,000 posts on the old site - since moving here, and starting at 0, she's now up to over 1700 - but she started at 0 just like everybody else.

 

With tens of thousands of members, sometimes individual problems do slip thru the cracks.

 

But, if no one cared about other peoples problems, this site wouldn't even be here, would it?

Share this post


Link to post
Share on other sites

Look at http://www.spywareinfoforum.com/index.php?showtopic=2

We all had to re-register.

You will see that none of us are shown as joining before May 15.

 

The old board is still there and is readable (on a good day, that is - there are still complications from the proxies that make it often very slow or unavailable).

Share this post


Link to post
Share on other sites
now I know that my previous work was worth absolutely nothing.

I wouldn't say that. If you helped a lot of folks in the past, including me, then we all remember what you did for us, regardless of your post count or other means of identification.

 

I am extremely grateful for all the help given to me, both in the old board and in the new one. When my machine is giving me trouble, I don't care about name, post count, member status, avatar...etc,; all I care about is the human being on the other side who is kind enough to give me their time and advice.

 

So, Lord of the Rings, and everyone else who gives of their time, either in the old board and/or the new one: Thank You :love:

 

Bobby

Share this post


Link to post
Share on other sites

Aw Shucks! :gack:

 

I guess then it's back to normal, until the next time? :deal:

 

I just wish there was some way to strike back? (Just like the Empire)

without being illegal or dropping to their level. :evilgrin: Does anyone have a real time address for the guys concerned? Just maybe I'd have enough time to visit with them, sometime :whistle: .

 

Best Wishes and Thanks to all members. :D

Share this post


Link to post
Share on other sites

I am MORE confused now than before: I couldn't get into the HiJack page or anything else SpyWareInfo-wise, so I went to TomCoyote's forum and BEGGED for help. They (very graciously) told me to use the mirror www1.etc. My question is this: Is this a temporary fix, or should I change all my URLs to the mirror? I access them during class to demonstrate the site, and need it in the am!

Share this post


Link to post
Share on other sites

www.spywareinfo.com works some of the time. Slowly, usually.

Share this post


Link to post
Share on other sites
I am relatively new to this, having just (finally) cleansed my PC of multiple infections of spyware. (Thanks again!) You provide a valuable service to the public. I too have seen a dramatic increase of these infections in recent months.

 

It is certainly something the government should take an interest in. It is not only counterproductive for users to have to waste their time cleaning and defending against this unethical eruption of code, but could be considered a threat to national security. What if there was another Bin Laden patiently planning a multi DDOS attack to shut down critical systems in our country? (Power grids, defense communication sattelites, etc) "Can't happen" you say?

 

You need more than just a law. You need public awareness. That creates political pressure that gets things done. Maybe a good place to start would be getting large corps like Dell and Microsoft to acknowledge the problem and lend a hand. ($$$) After all it's in their interest as well. Then you will have $$$ not only to run your site, but hire a political activist to get that public attention you deserve.

 

As for me, I will do my little part and drop a check in the mail to you. My way of saying thanks for the help, and go get em! ;)

Isp's can regulate all the transfers having "exclusions" and inclusions of datatags.

 

its just generally they dont get involved unless(unless I'm mistaken. I.E. business or government or someone making complaints etc.. and following up on them and what not.

 

Also a simple way of stopping abuse from outside is by setting up a filter for incoming data

the long run of privacy and security is going to be ip tagging of some sort that is website subscritpions only people with x ip will be able to get through site filters(unless the net doesn't get more corporate....) the ISPS can then get lists of data filters to static addresses. effectively censoring unwanted access.

 

Internally the networks should be planned as to not have critical systems connected to noncritical (interactive systems) honestly any powergrid or infrastructure issues is bad planning imo.

Share this post


Link to post
Share on other sites

This is the Wild West updated. You can't legislate people's morality. Just keep your software Peace Maker loaded and fend for yourself!!!

Share this post


Link to post
Share on other sites

I find that www doesn't work _at all_, but www1 works like a dream. Unfortunately ~merijn is not mirrored there.

Share this post


Link to post
Share on other sites
side note:

I used to mail-bomb spammers by sending 'em 500K chunks of aggregated spam that I'd gotten previously.  After about 4 to 10 <send> buttons, they'd start bouncing as their server went full.  Poetic justice, if you think about it.  One of 'em complained that their mailbox blew up (my heart bleeds for you) and my ISP warned that further retribution on my part would end my access.  I've played nice since then.  The tech guy at the ISP was amused at what I was doing, but it was illegal and he had to play it hard.  I'm sure he was wishing he could figure out a way to do the same thing legally.

 

I would be very interested in learning this technique because even us old 34 year old's need our fun.. I am normally very tolerant, and understood my hotmail account being spammed with over 120 emails a day, but my ISP based email has now succumbed to it, and some days, payback is the only thing on my mind, after sifting thru 40+ spam emails, looking for the one important one from my relatives or friends. Even just to hit one or 2 of them, would maybe help alleviate my sadness.

 

Im in New Zealand, and we dont have very good anything down here.

Edited by kronos

Share this post


Link to post
Share on other sites
I find that www doesn't work _at all_, but www1 works like a dream. Unfortunately ~merijn is not mirrored there.

You will find that Merijn has a mirror site here.

 

http://merijn.richardthelionhearted.com

 

I donated the space to Merijn to help in the fight against spyware and other parasites

Share this post


Link to post
Share on other sites

Here's a couple of tips and things you can do to get retribution on the spammers out there...well maybe not retribution, but it makes you feel a WHOLE lot better

 

1) NEVER click on the "unsubscribe" button and add your email address. You'll end up with more spam that way

 

2) If you get ad in via spam email, go to the website it suggests. Go to thier contact info and copy any email addresses you find there. Now take those email addresses and "unsubscribe" them from the rest of the junk you've recieved (I set up an html page for myself with a bunch of links). If you're REALLY annoyed...do a quick search for porn mailing lists in google....and sign them up for that crap.

 

3) It was mentioned earlier in this thread: Click on the links, and find out if they are "affiliate" links. Most paying affiliate companies have terms of service that do not allow spam email and other annoying activities. Report the link to the affiliate company...hopefully thier account will be closed down.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0