DDOS Attackers = Whiny, Spoiled Little Children

One would have to assume that the recent arrests, convictions, charges, domain and DNS reporting, and general retaliation against several hundred spam operations has finally had the desired effect on these scumbag's bottom line.

As I write this, numerous websites are under sustained attacks from a botnet numbering in the hundreds of thousands (very likely the Storm Worm botnet.):

• Castlecops


• KillSpammers


• Spamnation


• aa419.org


• 419eater.com


• spamhaus.org

Several of them are mitigating the attacks, some with a great deal of success.

Whoever it is that's doing this, you sure are exposing yourself by attacking so many anti-spam websites in one go. But since you're an idiot, you probably didn't think about covering your tracks very well.

If you think we won't find you: you're wrong.

If you think international law enforcement isn't watching this: you're wrong.

I will start releasing VERY personal data on known spammers very soon if this attack doesn't stop, one way or another. Damaging personal information which will make life very very difficult for several known spammers and their business interests. It might be here on this blog, or on any number of other blogs, or it might just be via clandestine messages to private individuals who you likely do not want this information getting to.

If you think I'm kidding around: you're wrong.

Keep it up. For all the stealth you're employing during this attack, you might as well walk into the middle of a public square, drop your pants and scream out: "Look at me! I'm a DDOS attacker! I am so dangerous!" What kind of childish idiots are you?

One day, very soon, your profits are going straight into the toilet. We all know this. You can cry about it via DDOS'ing all you like: it changes nothing.

Spammers are idiotic little brats.

SiL / IKS / concerned citizen

Yet Another Attack, Plus More On The Bogus Hoodia Spammers.

Yet Another Attack, Plus More On The Bogus Hoodia Spammers.

The carpcstore forum is once again under attack, as is Spamhaus.org.

Spammers who are happy to perform DDOS attacks have always struck me as whiny little brats. They didn't get what they want, so they just wander around kicking over everyone else's sandcastles, etc. It's ridiculous.

The stupidest part about these morons is that they think it will shut us up. Or that we'll stop reporting or monitoring them. They could not be more wrong. Not only does this make sure that we don't stop researching and reporting every last one of them, it practically ensures that we'll do so with even more diligence, since it's fairly clear that we're having the desired effect of killing their ability to profit. Law enforcement will also monitor these attacks very closely, since they are a criminal act. With each attack they decide to launch, the evidence mounts and it becomes easier and easier to tell who is behind them, where they are located, etc.

One of these days, someone like me, or one of my colleagues, or possibly some third party none of us are even aware of will eventually become fed up enough about these stupid, childish attacks that they will actually spill farrrr more information on blogs like this one than they ever thought we knew. You can ask mcproxy about that. He knows the depth of research several people have done on his identity, his background, etc. I and others like me have compiled a lo-o-o-ot of background information on many others like him. The mere threat of exposition caused mcproxy to get out of the spamming business entirely. (That wasn't me, btw.) If you're a spammer and you're behind this attack? Or assisted in it? Or donated money towards it? You should really think about that. You should also seriously consider whether you want to be on the receiving end of one of the multiple lawsuits and arrests which have taken place this year alone. There are only going to be more of them, and exposing yourself so publicly with something as ridiculous as a DDOS attack is only going to make that happen much sooner. You obviously failed to glean this from the previous three years' worth of arrests of other botnet operators.

Also: there are a lot of us. Shutting down one piddly form won't silence us. Shutting down my single blog won't shut down the hundreds or thousands of others out there which are all poised to duplicate the exact same data. One way or another: we will continue to thrive.

We, the recipients of your crap emails for fake drugs and "herbal remedies", are sick of you ignoring our pleas to stop spamming us. If you don't like us researching you, maybe you should find a different line of work.

This attack gives me more time to dig even deeper into some research I hadn't had time to pursue anyway. It's also not stopping any of that forum's members to continue to communicate with each other regarding our ongoing investigations.

I just thought that several of you would probably want to keep all of this in mind.

Also as a followup to my previous posting on bogus Hoodia / Anatrim / whatever the hell they're calling this bullshit product this week: Many of you may be aware that the US's Federal Trade Commission has ordered one Brian McDade and his company Neutraceuticals LLC to stop sending Hoodia spam in the hopes of promoting exactly these provably bogus products. The original complaint makes for some pretty good reading.

COUNT I
False Claims for the Hoodia Products

Through the means described in Paragraphs 18-23 above, Defendants have represented, expressly or by implication, that:
a. the Hoodia Products cause rapid and substantial weight loss, including as much as forty pounds in a month;
b. the Hoodia Products cause users to lose safely three or more pounds per week for multiple weeks;
c. the Hoodia Products cause permanent weight loss; and/or
d. scientific research establishes that the Hoodia Products cause substantial weight loss.

In truth and in fact:
a. the Hoodia Products do not cause rapid and substantial weight loss, including as much as forty pounds in a month;
b. the Hoodia Products do not cause users to lose safely three or more pounds per week for multiple weeks;
c. the Hoodia Products do not cause permanent weight loss; and/or
d. scientific research does not establish that the Hoodia Products cause substantial weight loss.

36. Therefore, Defendants' representations as set forth in Paragraph 34 above are false or misleading and constitute a deceptive practice, and the making of false advertisements, in or affecting commerce...

Couldn't have said it better myself.

Hope the rest of you are also having a splendid day.

SiL / IKS / concerned citizen

The Attack Continues...

Well the other shoe just dropped, I guess is the saying.

My old stomping grounds, thecarpcstore.com/phpbb2, was knocked offline this morning by (you guessed it) a DDOS attack.

Given the staggering amount of evidence present here and elsewhere on the web, who do you think it could be that would want to perform that kind of attack? Who would have access to the resources needed to do so? Why members of that old stalwart: bulkerforum.biz of course.

I expect it will be a very small number of days before the boasting begins on that selfsame web forum, and elsewhere.

But what does this accomplish, ultimately? All of the individuals who contributed to that forum: they still hate getting all the spam that these idiots keep sending. They hate that despite asking numerous times to stop sending all of it to them, these spammers haven't stopped. And they hate that not only do they continue to get these unwanted messages, very often they get them twice as much.

How is this good for anyone's business? How hard is it for these moron spammers to recognize that they should just clean their lists? Clearly they don't seem to understand that they're consistently targeting - and thereby abusing - the wrong audience for their so-called "products", and they're wasting a huge amount of people's time, energy and money. They're also ruining the whole experience of the internet in the process.

Spammers love to blame people like me because we "can't find the delete key." That completely misses the point: I didn't want it in the first place, and you just confirmed that you KNEW I didn't want it. That makes you, the spammer, doubly stupid.

Attacking sites which take on the task of compiling data regarding their operations, and reporting and exposing their underlying personnel, only further exposes how tenuous your "business" is in the first place. If all it takes to piss you off is bring more attention to how you operate, doesn't that make it that much more probable that we'll make sure that the same info gets into the hands of someone with more tangible tools to take you down? DDOS'ing our little forum is proof that we've been on the right track for a while, and it's further proof that the spammers somehow think that this information is "dangerous" to have in the public eye. Knocking that forum down won't stop the information from being made available. Nor will it stop those of us who have collaborated so closely over the past year and more to make sure we tell even more people about these scumbags.

Many members on bulkerforum.biz like to make the claim that (a) we're just jealous because they can profit from spamming and (b) that they are only making an "honest" living, and that we hate them for that. ("The terrorists hate our freedom")

They fail to provide any answer at all when it's pointed out that the "drugs" that they are promoting via their spam comes from sites that lie; they're not secure, they have absolutely no support or endorsement from the Better Business Bureau, or Visa, or VeriSign, and the drugs that they sell are fake.

They don't have any answer when we point out that stock spam is indeed an illegal and fraudulent act, which carries with it some very high fines and sentences. How is that an "honest" business.

Fake diplomas: how "honest" is that as a product? That's not legal either. How is it an honest way to make a living? Would you trust a guy to build your house if he had a fake engineering degree? How about your lawyer? How about your doctor? We're supposed to be envious that this is how they make a living? That's total bullshit.

Selling mortgage leads collected via spam may be profitable, but that doesn't make it any more legitimate when you're spamming it to people who aren't even in the US to begin with (easily more than half these idiots' lists are full of peoplle from Canada and overseas, none of whom are supposed to be offered these mortgages in the first place. The spammers know this, yet they don't clean them from their lists, and further to that: they ban the ip addresses for overseas users.

How is any of that "honest" or legitimate? And why on earth would any of us be envious of any spammer who said that they profited from it? People have already started dying from taking some of the fake drugs sold by these illegal pharmacies. What else will it take?

DDOS'ing our forum won't stop that information from getting out, and it won't stop even more people from remaining angry as hell at the people who continue to send this crap out.

There have been not one but two very high profile actions in the past few weeks in the courts regarding illegal spammers. I fully expect that this is only the beginning of a long line of arrests, convictions and guilty pleas still to come. The only question is when, not if, more will take place.

SiL / IKS / concerned citizen