Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Aussie Blogger Hit With DDoS Death Threats

timothy posted about 3 years ago | from the bad-childhoods-continue dept.

Australia 125

mask.of.sanity writes "An Australian blogger who blew the lid on emerging domain-name fraud campaigns has received death threats from the scammers. His blog and domain parking company are still being hit with a large distributed denial of service attack that has the death threats embedded as HTML links within its logs. Australia's government CERT team and the U.S. Secret Service (blog servers were hosted on U.S. soil) are pursuing the botnet's command and control servers. Ten days later, the victim is still being attacked and is fighting a cat-and-mouse game as IP address ranges change."

cancel ×

125 comments

Sorry! There are no comments related to the filter you selected.

Stop giving hackers a bad name! (0)

Anonymous Coward | about 3 years ago | (#37360458)

What happened to the awesome days of software sharing and music liberation, now hackers are sending death threats when their scam empire is threatened and DDoS is nearly a household term?

Re:Stop giving hackers a bad name! (5, Insightful)

Psychotria (953670) | about 3 years ago | (#37360478)

Those were never "hackers"

Re:Stop giving hackers a bad name! (1)

Anonymous Coward | about 3 years ago | (#37360622)

Hack The Planet!!1

Re:Stop giving hackers a bad name! (1)

Anonymous Coward | about 3 years ago | (#37360674)

Unfortunately "hackers" is, and has been for at least the last 15 years, a term associated with "crackers". It's a shame when playful cleverness is being labelled organised crime whilst real crime in which people are being hurt and laws broken remains largely ignored by law enforcement. I wish politicians and police would come to their senses and realise that "cybercrime" and IRL crime are one and the same, and the only way you can fix it is by finding the perpetrators and slapping them with fines and jail sentences. Denial of service and XSS on their own aren't really (legal) problems. The problems start occurring when these methods are used to deliver death threats and steal data for personal gain.

Re:Stop giving hackers a bad name! (2)

Samantha Wright (1324923) | about 3 years ago | (#37360942)

Fortunately, the hardware hacking community has worked toward making the name its own again, ensuring that the concept of a hacker as a knowledgeable, creative person who works with complex computer technology at least somewhat lurks in the minds of the educated public.

Re:Stop giving hackers a bad name! (3)

WorBlux (1751716) | about 3 years ago | (#37360574)

Hacker make things work, generally with either with a low budget, a high degree of creativity, simple elegance, or superfluous complexity. More for the satisfaction of being able to be it. Sometimes involving good-natured pranks, naivety or a need to take dissect things just to see how they work. However a death threat is the sort of malovelence far removed from a hacker's nature. Also hackers tend to be very strongly motivated by internal rewards (satisfaction at a job well done) rather than the external (money) as these scammers are.

Re:Stop giving hackers a bad name! (-1)

Anonymous Coward | about 3 years ago | (#37360658)

A Hacker is an individual who exploits security flaws in order to gain unapproved electronic access to intentionally secured data or systems.

Hackers! Rise up and take our damn word back before the meaning is completely diluted!

Re:Stop giving hackers a bad name! (0)

Anonymous Coward | about 3 years ago | (#37360692)

Can't tell... [fairfaxunderground.com]

Internet toughguy syndrome (1, Insightful)

assemblerex (1275164) | about 3 years ago | (#37360488)

No, the people doing this are not going to hop on a plane,rent a car and find your house.

Unless you live in russia, then you better cut that shit out and hide.

Laziness (0)

Anonymous Coward | about 3 years ago | (#37360528)

Sometimes I think it's out of sheer laziness. It's not only so much easier and less involved to start a digital attack against someone, but no broken bones, in many cases you could not have police involved (especially if you're conveniently located in a country that couldn't care less), and there's the sheer laziness factor. These people may have overly active fingers from the hacking and clicking but I highly doubt they'd ever waste the calorie burn of actually taking a plane out to someone's house.

Re:Laziness (2)

mevets (322601) | about 3 years ago | (#37360562)

Your right; the really lazy would just hire someone local to do their 'wet work'. Good thing they haven't thought of that.

Re:Internet toughguy syndrome (0)

Anonymous Coward | about 3 years ago | (#37360860)

No, the people doing this are not going to hop on a plane,rent a car and find your house.

Unless you live in russia, then you better cut that shit out and hide.

Sadly, it's only a matter of time before what you say isn't going to happen, does occur.

Re:Internet toughguy syndrome (4, Informative)

SteveTheNewbie (1171139) | about 3 years ago | (#37361010)

Sadly, thats incorrect, there are cases where people have been tortured and kidnapped for messing with these criminals

http://www.wired.com/threatlevel/2008/08/hacker-reported/ [wired.com] is one such case, another i dont have the link for right now involved a reporters daughter being kidnapped, put on drugs and sent to work in a brothel for 5 years. The hacker con ruxcon in Australia had a talk on it last year, no country is safe when dealing with real criminals. They will find and kill you for disrupting their business.

Re:Internet toughguy syndrome (0)

Anonymous Coward | about 3 years ago | (#37361686)

But the reverse is also true they can also be found hunted down and eradicated fumigated and deleted from the record of humanity

Re:Internet toughguy syndrome (1)

mabhatter654 (561290) | about 3 years ago | (#37361838)

Not really, many live in countries with weak extradition, or no laws against cyber crimes in the first place. Even when they commit a crime like kidnapping, all the inetnt and evidence is based on stuff that can't be investigated internationally... So they have years head start on people looking for your kid.

Re:Internet toughguy syndrome (2)

PPH (736903) | about 3 years ago | (#37362398)

But the reverse is also true they can also be found hunted down and eradicated fumigated and deleted from the record of humanity

Really? From the article:

In April, Miami Beach police busted a ring of Bulgarian nationals ....

The Secret Service took over the Miami Beach case, and the four defendants were each released on a $100,000 cash and signature bond. Three, including alleged ringleader Nikolai Hristov Arabov, jumped bail and went on the lam last month.

That goes beyond stupidity and incompetence and possibly straight to collusion. And this isn't corruption in the ex-Soviet bloc. This is the Secret Service and our own court system.

Re:Internet toughguy syndrome (1)

AliasMarlowe (1042386) | about 3 years ago | (#37363468)

But the reverse is also true they can also be found hunted down and eradicated fumigated and deleted from the record of humanity

Really? From the article:

In April, Miami Beach police busted a ring of Bulgarian nationals ....

The Secret Service took over the Miami Beach case, and the four defendants were each released on a $100,000 cash and signature bond. Three, including alleged ringleader Nikolai Hristov Arabov, jumped bail and went on the lam last month.

That goes beyond stupidity and incompetence and possibly straight to collusion. And this isn't corruption in the ex-Soviet bloc. This is the Secret Service and our own court system.

And Bulgaria is even a member of the EU, which is essentially impotent against Bulgaria's state-sanctioned corruption and state-protected criminals. Forget getting the local police to track down the absconded defendants and forget about getting them extradited outside the EU[*] even if they are found.

As a member of the EU, Bulgaria is required to honor the European Arrest Warrant [wikipedia.org] . I don't know whether that could be helpful for an extradition outside the EU.

Re:Internet toughguy syndrome (1)

E IS mC(Square) (721736) | about 3 years ago | (#37361620)

True if it's some random guy. But it's quite unsettling if you are threatened by multiple people in an organized way. Even if no real threat exists, it can be damaging psychologically.

Re:Internet toughguy syndrome (1)

PPH (736903) | about 3 years ago | (#37362330)

But it's quite unsettling if you are threatened by multiple people in an organized way.

More likely its one scrawny botnet operator who looks like multiple people.

Re:Internet toughguy syndrome (1)

daem0n1x (748565) | about 3 years ago | (#37363268)

He owns a domain parking company, so he's part of the problem. Domain parking qualifies as "domain-name fraud", it just happens to be legal in many places.

If you're gonna swim with the sharks, you gotta learn to bite.

Re:Internet toughguy syndrome (1)

mabhatter654 (561290) | about 3 years ago | (#37361824)

Except that if you DO live in a country that cares they now have uttering death threats which is a non-cyber crime to get you with. Scams are hard to prosecute... Death threats are easy.. They can tack on the scamming at sentencing as "unrepentant offender".

I am confused (3, Informative)

bloodhawk (813939) | about 3 years ago | (#37360494)

Huh? So now domain name parkers are considered innocent victims rather than the scumbucket profiteers that polute the web and search engines with advertisings and misleading links?

Re:I am confused (1)

fuzzyfuzzyfungus (1223518) | about 3 years ago | (#37360616)

"So, naturalists observe, a flea
Has smaller fleas that on him prey;
And these have smaller still to bite 'em,
And so proceed ad infinitum."
Frankly, in this case, the "scammers" sound like they(by flooding domain park advertisers with false clicks) are making domain park advertising incrementally less attractive, so I find it hard to be too sad to see them. Anybody who collaborates with those scum deserves what they get. However, the botnet herders tend to be the ones cracking machines for their herds, so they are also a blight.

Maybe they could fight to the death?

Re:I am confused (1)

Anonymous Coward | about 3 years ago | (#37360650)

"Thus every slashdot poster, in his kind,
Is bit by him that comes behind. "

Re:I am confused (4, Insightful)

North Korea (2457866) | about 3 years ago | (#37360688)

There's nothing wrong with domain name parking. If you have no current use for a domain you've paid, you park it. Also, you could use the domain for other purposes than just for web - like email, game servers etc. There's internet out of the web too, you know.

Re:I am confused (1)

qxcv (2422318) | about 3 years ago | (#37360702)

I think OP was talking about people who buy domains with the closest Hamming distance to the name of a Fortune 500 company and *intend* to park them (or use them for brand damaging material) until the company in question coughs up with a few grand to buy the domain off the parkers.

Re:I am confused (1)

julesh (229690) | about 3 years ago | (#37360782)

Maybe, but I don't think that's what the person who's the subject of the story does, so if that's what he thought was meant, he misunderstood. The subject of the article appears to offer domain registration services to third parties, along with a system for managing adverts placed on the domains prior to web sites going live.

Re:I am confused (1, Informative)

bloodhawk (813939) | about 3 years ago | (#37361028)

Maybe, but I don't think that's what the person who's the subject of the story does, so if that's what he thought was meant, he misunderstood. The subject of the article appears to offer domain registration services to third parties, along with a system for managing adverts placed on the domains prior to web sites going live.

Actually that is EXACTLY what the subject of the story "Michael Gilmour" does. What he does may be legal but I would rank him slightly above sewer scum. He buys up domains and parks advertising on them to milk money from unsuspecting search results and mistyped domain names.

Re:I am confused (1)

mabhatter654 (561290) | about 3 years ago | (#37361856)

Well at least he's not collecting all their mis-addressed email...

Re:I am confused (1)

theskipper (461997) | about 3 years ago | (#37362506)

That's incorrect and overly inflammatory. Parklogic serves as a middleman between advertiser feeds and domain owners who wish to display a parked page. He may also own domain names but his company serves as a parking platform beyond any of those personal domains.

They maintain the server infrastructure, negotiate contracts with advertiser feeds from Google, Yahoo, etc. Same with Whypark, Sedo and many others. As a matter of fact, Google offers the exact same service if you're willing to use their DNS.

Also, there is a difference between parking "cellphones.com" and "verzion.com". One is a perfectly legitimate generic and the other is typosquatting (profiting off a trademarked term). The latter can be claimed via the UDRP process, Verizon is not at the mercy of a squatter in any way. Trademark holders can also file federal lawsuits.

You may disagree that the owner of "cellphones.com" should profit from the domain. That's equivalent to thinking that a property owner should not be able to profit through renting to others in a free market (btw, domains are considered property). But at least recognize that there is a clear distinction between "sewer scum" and legitimate domain owners that choose to use a domain as they see fit.

Re:I am confused (1)

WNight (23683) | about 3 years ago | (#37363124)

btw, domains are considered property

And World of Warcraft magic swords aren't.. Hilarious. Both are lines of nothing in a database.

You may disagree that the owner of "cellphones.com" should profit from the domain

Of course I do. They're a useless leech on the system. If not for a court turning that into "property" it'd just be data in a DB and the community would point it where the community wanted.

The reason we think (in general) that property owners should be able to rent property is that it usually wouldn't be there (a house), or developed (a piece of property with access and sewer/power), etc. Simply giving the public domain to someone, like ownership of the word 'cellphones' so that they can start billing when people use it is as reasonable as letting people set up toll booths on roads they didn't build or maintain.

In the beginning domain names were sold not to make money but to pay for their administration and to keep freeloaders from taking them all. Now their administration is trivial and the low prices mean "free"loaders are back. We need to add a new rule like, if you want more than five domains you have to send a picture of yourself (no employees, etc) with a shoe on your head. It's not about cost, it's about deterring run-away hoarding and bringing problems to light so they can be fixed to the benefit of everyone.

But at least recognize that there is a clear distinction between "sewer scum" and legitimate domain owners that choose to use a domain as they see fit.

You mean, take the group of people who intentionally hurt society for their own luxury, and recognize an important different because some choose to do it via gaming the system and some just break the rules? No. I don't think so.

Domain names are just lines in a database and the laws justifying those DB lines as property and not others are ridiculous. People who make a business gaming this are thieves, if only the crafty type we call lawyers.

Re:I am confused (1)

theskipper (461997) | about 3 years ago | (#37363464)

Sounds like you're unhappy about the situation. Out here in the real world it's called capitalism.

And I'd bet the you'd feel much differently if you owned a multi-million dollar domain like beautiful.com. But you can't because P&G registered it back in 1995 and has been using a worthless redirect on it ever since then. Since they're hurting society by hogging the domain, maybe if you ask nicely they'll transfer it to you at no charge?

Btw there's actually a phrase for what you're feeling: "domain envy". It's no different than those that lament not buying MSFT back in the early '90s.

Re:I am confused (2)

AftanGustur (7715) | about 3 years ago | (#37360924)

There's nothing wrong with domain name parking.

"Domain parking", usually means tapping into search results of the big search engines and feeding people advertisements in place of the actual content they were looking for. This may be legal, but that doesn't make it "right".

In addition, people like Michael Gilmour get away with paying only a few cents for each domain and then buy them in the thousands when people forget to renew or let them expire, hoping to sell them back with a hefty profit.

Michael Gilmour is not giving people any more service than someone who buys up all the tickets for a concert and then sells them back to those that want to listen to their favorite musician.

Re:I am confused (1)

North Korea (2457866) | about 3 years ago | (#37361080)

In addition, people like Michael Gilmour get away with paying only a few cents for each domain and then buy them in the thousands when people forget to renew or let them expire, hoping to sell them back with a hefty profit.

And how does he do that?

Re:I am confused (1)

AftanGustur (7715) | about 3 years ago | (#37361158)

In addition, people like Michael Gilmour get away with paying only a few cents for each domain and then buy them in the thousands when people forget to renew or let them expire, hoping to sell them back with a hefty profit.

And how does he do that?

He has a company that is listed as a "domain reseller" or a registrar, so he only has to pay the yearly fee to the top-level domain management, which is, for example, about USD 20 cents for .com domains.

Re:I am confused (1)

North Korea (2457866) | about 3 years ago | (#37361184)

There's quite large annual fees on top of that, though. And he won't get those prices unless he is actually registered registrar directly at ICANN. If he's just reselling, then it's close to the actual prices (at least $6-7 per domain).

Re:I am confused (1)

AftanGustur (7715) | about 3 years ago | (#37361622)

There's quite large annual fees on top of that, though. And he won't get those prices unless he is actually registered registrar directly at ICANN. If he's just reselling, then it's close to the actual prices (at least $6-7 per domain).

From Here [icannwiki.com]

Michael is the CEO of Simcast Media, an online platform built for a company's clients and their customers. Customers find more information about the companies they're interested in. Simcast is an accredited registrar of ICANN. .

Re:I am confused (0)

Dan541 (1032000) | about 3 years ago | (#37361332)

Wow, thanks for showing that you don't have a clue what you're talking about. Last I checked Verisign charged $7.34 per domain then there's the $0.18 ICANN fee. So that's $7.52 before the registrar even takes their own cut, and they too need to cover operating costs.

The costs are many orders of magnitude higher than the 20 cents that you claim.

Re:I am confused (1)

AftanGustur (7715) | about 3 years ago | (#37361534)

Wow, thanks for showing that you don't have a clue what you're talking about. Last I checked Verisign charged $7.34 per domain then there's the $0.18 ICANN fee. So that's $7.52 before the registrar even takes their own cut, and they too need to cover operating costs.

The costs are many orders of magnitude higher than the 20 cents that you claim.

Verisign is a registrar, Michael Gilmour's company is also a registrar, they both only pay 18 cents to ICANN per domain, get it ?

Re:I am confused (1)

North Korea (2457866) | about 3 years ago | (#37361576)

No, Verisign is the operator of both .com and .net TLD's. All registrars pay to Verisign and ICANN for .com and .net domains.

Re:I am confused (1)

theskipper (461997) | about 3 years ago | (#37362584)

There is a huge difference between a "registrar" and "registry". If a registrar charges $9 for a domain registration, they pay around $7.50 to the registry (Verisign) and ICANN. The $1.50 is the registrar's profit, no more. The $7.50 is used by the registry to maintain infrastructure for DNS, etc. So there is no way for a registrar to register a domain for 20 cents.

What you may be thinking of is "tasting". In that case the domain could be "returned" for a small fee after parking for a week or so. But that was reigned in and essentially eliminated last year.

Re:I am confused (1)

gpuk (712102) | about 3 years ago | (#37363196)

As North Korea says, you are mistaken.

Re:I am confused (0)

Dan541 (1032000) | about 3 years ago | (#37361300)

Domains are like real estate. You can buy them cheaply and sell them for inflated price later on.

What's wrong with that?

You Shouldn't Be Confused (0)

Anonymous Coward | about 3 years ago | (#37361574)

Yeah I forgot we come from a world of American Capitalism. If someone would pay you to shit in a little kids cornflakes you would probably do it and wonder why people think it is wrong.

I guess it is true entrepreneurial spirit to create something that adds zero value to the world so that you can make a few dollars. Who cares if it slows down legitimate users and wastes their time that could be spent enjoying their lives.

Re:You Shouldn't Be Confused (1)

sourcerror (1718066) | about 3 years ago | (#37362998)

Well, in other countries people don't eat that much cornflakes, so the US has significiant competitive advantage in shitting in cornflakes .

Re:I am confused (1)

AftanGustur (7715) | about 3 years ago | (#37361602)

Domains are like real estate. You can buy them cheaply and sell them for inflated price later on.

What's wrong with that?

Like when you buy up all the concert tickets for a show?

Re:I am confused (0)

Dan541 (1032000) | about 3 years ago | (#37361948)

Domains are like real estate. You can buy them cheaply and sell them for inflated price later on.

What's wrong with that?

Like when you buy up all the concert tickets for a show?

Why not?
People can buy as many tickets to the show as they like. I've purchased dozens of tickets to events, there's nothing wrong with purchasing things (that's the point of selling them). The transaction concerns only the parties involved, and no one else.

Re:I am confused (1)

Anonymous Coward | about 3 years ago | (#37362394)

Why not? People can buy as many tickets to the show as they like. I've purchased dozens of tickets to events, there's nothing wrong with purchasing things (that's the point of selling them). The transaction concerns only the parties involved, and no one else.

There is nothing wrong with being a parasite, after all they existed before humans did.
Yeah, I'm getting off your lawn right now.

Re:I am confused (1)

zippthorne (748122) | about 3 years ago | (#37362008)

If you can make a profit by buying all the concert tickets and reselling them, then the original promoters failed by not setting the price correctly.

Re:I am confused (2, Informative)

Anonymous Coward | about 3 years ago | (#37362242)

Wrong. Not everyone seeks to gouge the shit out of everyone else. How sad that the epitaph on the tombstone of our society will be "Well, at least they made a profit". Pathetic.

Re:I am confused (1)

gpuk (712102) | about 3 years ago | (#37363214)

In the UK at least I believe there are anti-ticket taut regulations to try and stop exactly that.

real estate doesn't quietly expire and be resold (1)

r00t (33219) | about 3 years ago | (#37362874)

To be the same, imagine that your house ownership expires. You might get notice that this is about to happen, but the notice looks like junk mail and might not even arrive. Fake notices are sent all the time by scammers wanting to fool you into paying the wrong person. If you are on vacation or otherwise miss the legit notice, you might not pay in time. Your house is then quietly reposessed by the local authorities. Some jerk at the courthouse buys the house instantly. (he always does this) You find yourself homeless. The jerk offers to sell you back your house for a ridiculous markup. His whole reason for buying the house was the hope that you would be desperate enough to pay him well. He has no other use for your house. He has no realistic hope that anybody else would want your custom house, and you need it because it's where everybody thinks you live.

Re:I am confused (0)

Anonymous Coward | about 3 years ago | (#37363080)

With real estate, let's see, expecting profit for adding zero value? When scumbag speculators are only ripping each other off, I don't really care, but in the end of this little greedfest you're ripping off a family who is only looking for a place to live. This kind of attitude was the positive feedback into the unstable system known as the "housing bubble". Many people who weren't in it for the profits were ruined, but hey, what's wrong with that as long as somebody made out like a bandit, right?

Re:I am confused (2)

bloodhawk (813939) | about 3 years ago | (#37361038)

There's nothing wrong with domain name parking. If you have no current use for a domain you've paid, you park it. Also, you could use the domain for other purposes than just for web - like email, game servers etc. There's internet out of the web too, you know.

He is not that sort of domain parker. He is someone that buys up domain names for generic terms and mistyped domain names and parks the domain with advertising to get ad traffic from searches and mispellings.

Re:I am confused (0)

Anonymous Coward | about 3 years ago | (#37363218)

He does not do any real work to deserve his money. So he is not much different from those jerks that DDOS him. In place of police I'd say - let the mobsters settle this business by themselves :-)

Re:I am confused (1)

daem0n1x (748565) | about 3 years ago | (#37363290)

Wow, I'm soooo sure a vast majority of the poor innocent domain parkers fall into these extremely specific cases you just described. Oh, the poor innocent domain parkers, being persecuted by shameless Internet crooks. I'm soooo sad.

Re:I am confused (0)

Anonymous Coward | about 3 years ago | (#37362442)

I feel the same way about Advertising and Marketing companies, but that does not make it/them illegal.

Interesting. (1)

gcnaddict (841664) | about 3 years ago | (#37360496)

Why is the United States Secret Service involved? From what I remember, the USSS is involved in matters of dignitary protection and anti-counterfeiting operations. Are the scammers involved in either of these?

Re:Interesting. (3, Informative)

ikkonoishi (674762) | about 3 years ago | (#37360610)

http://www.secretservice.gov/investigations.shtml [secretservice.gov]

Since 1984, the Secret Service's investigative responsibilities have expanded to include crimes that involve financial institution fraud, computer and telecommunications fraud, false identification documents, access device fraud, advance fee fraud, electronic funds transfers and money laundering as it relates to the agency's core violations.

Re:Interesting. (1)

mevets (322601) | about 3 years ago | (#37360618)

I believe they are considered competition. The scammers need to be sent to Libya for some special interrogation.

Re:Interesting. (0)

Anonymous Coward | about 3 years ago | (#37360798)

Yes, they deal with these kinds of things as well. Also, according to the article, a number of the machines involved are in the US and are considered part of an attack from "US soil".

Re:Interesting. (1)

evanism (600676) | about 3 years ago | (#37360800)

and whacking people

Re:Interesting. (0)

Anonymous Coward | about 3 years ago | (#37361894)

That's the CIA's turf.

Re:Interesting. (1)

deniable (76198) | about 3 years ago | (#37360978)

They're been looking at cyber-crime and roleplaying supplements [wikipedia.org] for a long time now.

death threats (1)

phantomfive (622387) | about 3 years ago | (#37360510)

I thought death threats were just what happens to anyone who becomes remotely famous.

Umm... unplug it? (-1, Troll)

gearloos (816828) | about 3 years ago | (#37360518)

Umm, why not just un plug the computer.. then the death threats are gone! lol seriously LMFAO Internet gets too hot, just turn the dam computer off.

Re:Umm... unplug it? (3, Insightful)

WorBlux (1751716) | about 3 years ago | (#37360592)

That's the most fucking asinine or exceedingly obtuse comment on this page yet. The threat doesn't go away when you turn the computer off. The damage of a death threat isn't in the symbols used to convey the message, but the intent it converts.

politics, sideways, offtopic, -1 retarded (1, Insightful)

mevets (322601) | about 3 years ago | (#37360654)

Too bad the general media don't get this idea. They are way to busy gazing at the medium is the message to understand that the medium is transitory.

The TP (Tea Party, or something for wiping you ass with) get this; they don't say anything that is explicitly racist - as an example -, but almost everything they say is inherently racist. Like a magician slipping a card, you can't pin him to what he did, but the end result is the same. It is way more McLuhan than McLuhan itself [ sorry, stolen from a stoned friend who gushed 'it is more chocolaty than chocolate itself' ]

More on opic, front-ways, to you sir, I say "*WHOOSH*".

Re:Umm... unplug it? (0)

Anonymous Coward | about 3 years ago | (#37360668)

wow dumass, not only do you fail to recognize the symbolism but you shower your uninformed opinions.

Re:Umm... unplug it? (0)

Anonymous Coward | about 3 years ago | (#37360666)


   

    • Go away!

But is the evil Cheese after me? (1)

gearloos (816828) | about 3 years ago | (#37360556)

It's the Cheese. The evil cheese...

Jeez RTFA (1)

Anonymous Coward | about 3 years ago | (#37360698)

RTFA this wasn't simply some upset asshole in the Ukraine sending death threats, this was a pump and dump scam being uncovered, where they send a buttload of fake traffic to view the ads, and then run off.

Aren't IPs good enough to identify someone? (3, Funny)

AK Marc (707885) | about 3 years ago | (#37360722)

If they can sue based on IP, why can't they get the names and addresses of everyone involved?

There's only one thing that will end this. Find every IP launching the attack and prosecute them for hacking, even if all they did was own an insecure system. You have to push the responsibility back on the people allowing the attacks. It's illegal to leave your car running attended because it's an attractive nuisance.

Re:Aren't IPs good enough to identify someone? (0)

Anonymous Coward | about 3 years ago | (#37360762)

It's illegal to leave your car running attended because it's an attractive nuisance.

Thus, it is finally explained: The blank stares on every morning traffic-goer's face.

Re:Aren't IPs good enough to identify someone? (4, Interesting)

julesh (229690) | about 3 years ago | (#37360812)

If they can sue based on IP, why can't they get the names and addresses of everyone involved?

FTFA:

Scammers would change their origin of attack to evade blocking and Gilmour would respond in kind.

In the last hour, the attacks have moved to Indonesia where some 28,000 unique IP addresses are attacking his sites every few minutes.

So you're suggesting he sues 28,000 indonesians? And then when the botnet operator switches to a different IP range, another few thousand people of some other nationality. And then another, and another. And you think that's going to work because...?

It's illegal to leave your car running attended because it's an attractive nuisance.

Maybe where you live it is. I can assure you it isn't where I am. Which is the problem: laws work differently in different countries. Sometimes even in different regions of the same country. The Internet is international. Even if some jurisdictions have laws that you can use against attacks like this, not all do. And that just means the attackers will end up working from those that don't.

Re:Aren't IPs good enough to identify someone? (0)

Anonymous Coward | about 3 years ago | (#37360900)

different IP range? some other nationality ?

If i was skidding it up, i'd just throw the whole botnet @ what ever im trying to drop... I wouldn't be splitting them up into countries..

Re:Aren't IPs good enough to identify someone? (0)

Anonymous Coward | about 3 years ago | (#37362752)

Yeah, but you don't want the whole botnet to get busted at one time.

Re:Aren't IPs good enough to identify someone? (0)

Anonymous Coward | about 3 years ago | (#37361426)

time to ban microsoft windows from the internet

Re:Aren't IPs good enough to identify someone? (1)

AK Marc (707885) | about 3 years ago | (#37364304)

So you're suggesting he sues 28,000 indonesians? And then when the botnet operator switches to a different IP range, another few thousand people of some other nationality. And then another, and another. And you think that's going to work because...?

I'm suggesting that the ISP in Indonesia disconnect those 28,000 IPs for criminal activity, check them for viruses and turn them back on after they are clean, billing those 28,000 criminals for cleaning up their illegal activities.

It'll work because when people realize their criminal negligence of having an insecure system attached to a network will result in something other than a slower computer, they'll take the bare minimum of security steps, making the world a better place. Why do you hate the world and support the criminals?

. I can assure you it isn't where I am.

I don't believe you. It's explicitly illegal to leave a running car unattended in TX. However, people have been successfully prosecuted (or sued) for it elsewhere, even where it is not illegal. Tell me where you are, and I can try to assist you in determining legalities.

Re:Aren't IPs good enough to identify someone? (1)

Xugumad (39311) | about 3 years ago | (#37361036)

> Find every IP launching the attack and prosecute them for hacking, even if all they did was own an insecure system.

Even if they get hit by a 0-day attack?

Re:Aren't IPs good enough to identify someone? (0)

Anonymous Coward | about 3 years ago | (#37362872)

Yes. It's the only way to get people to stop installing Adobe Acrobat and using IE 6.

Re:Aren't IPs good enough to identify someone? (0)

Anonymous Coward | about 3 years ago | (#37363674)

Yeap. Maybe even especially if it's a 0 day.

Software sucks because the consequences of insecurity are externalized.

Big company like RSA gets hacked. They lie and obviate for weeks, while slowly filling people in on the reality. Delayed disclosure with directed leaks puts whimperings in the media, but it never gets picked up by the mainstream in an interesting way--people are too bored with 'geekbabble' by the time the full truth comes out. Pain managed.

The real victims...lockheed et al...that had their networks compromised as a result... do the same damn thing.

And so on, the piss trickles downward until you're drowning in it and don't know it. Because in every single case the PR and media and EULA's manage to externalize the problem.

So yeah...take that little guy...the externality who only loses $50 in his credit card statement--and fucking sue him. Push the prices up unbearably so he refuses to do business with people that treat him this way. Sooner or later, the piss will trickle back upwards, and people will actually write secure software.

It isn't fucking impossible. People just hire craptastic programmers over and over, or hire good ones and ask them to implement an ACL system in 16 hours while writing the user guide.

So yeah, sue the people that got brought into the botnet by a 0 day. If they want, they can form a class action and sue Microsoft for selling them shitty software to recoup their losses.

Re:Aren't IPs good enough to identify someone? (1)

AK Marc (707885) | about 3 years ago | (#37364314)

As another respondent mentioned, if they are using "old" versions when the current ones are secure, it's still negligence. If they are on the current version and it's compromised, then prosecute the maker of the software.

Re:Aren't IPs good enough to identify someone? (1)

gl4ss (559668) | about 3 years ago | (#37361108)

that approach is simply not practical.
never met the polish irc gangs?

and no, they aren't good enough.

the guy should just use cloudflare I suppose. but there's the streisand effect now for his blog post.

Re:Aren't IPs good enough to identify someone? (0)

Anonymous Coward | about 3 years ago | (#37362036)

It's illegal to leave your car running attended because it's an attractive nuisance.

So everyone who drives is a criminal, and everyone who rides with them an accessory?

I wonder if I'll receive a stiffer punishment if I take any other means other than walking or bicycling to go to the nearest police station and turn myself in.

Aussies (-1)

Anonymous Coward | about 3 years ago | (#37360988)

Stop calling us aussies all the time thanks
Do we call you yanks everytime you get in an article? No.
Quit it.

Re:Aussies (0)

Anonymous Coward | about 3 years ago | (#37361100)

It's like people calling us Canucks instead of Canadians. Nothing mean-spirited about that... you guys are known as Aussies and it's considered a cool thing over here.

Re:Aussies (0)

Anonymous Coward | about 3 years ago | (#37361372)

US native, but having lived in Australia for several years, I call bullshit: Poster is not Australian.

Never met an Australian yet who objected to being called an Aussie.

And yes, Australians call us 'yanks' and Britons 'poms' more often then they use the proper names.

Re:Aussies (0)

Anonymous Coward | about 3 years ago | (#37361440)

s/Yanks/bloody Yanks/

s/Poms/bloody Poms/

s/Aussie/fair dinkum Aussie/ :D

Re:Aussies (0)

Anonymous Coward | about 3 years ago | (#37361476)

As an Aussie I'd have to agree; the word 'Aussie' is perceived here as a generally positive term. At worst it could be seen as jingoistic. On the other hand 'yank' and 'pom' are not always meant as terms of endearment...

Re:Aussies (0)

Anonymous Coward | about 3 years ago | (#37361588)

We're aussies, we call ourselves aussies, get over it mate.

And nothing of value was lost (0)

Anonymous Coward | about 3 years ago | (#37361014)

Tinkering aside, Gilmour considered the attacks a symptom of the endemic lawlessness of the internet and failures of law enforcement to defend its users.

“I can buy a botnet for a buck a day and put anyone out of business," he said. “Governments have done nothing over the last 10 years to this clear and present danger, save for some posturing.”

1stworldproblems. Cry me a river.

Backfire? (1)

Anonymous Coward | about 3 years ago | (#37361618)

These IP addresses that are now logged to have attacked this site's blog, might also have been used for clicking these ads. If these addresses are given to the advertising companies I see at least to possible steps to take:
1) Block the IP addresses from generating ad-revenue. This should save them *some* money.
2) Find out which ads has been vigorously "clicked" from these IP addresses and find out which company that gets paid for it. That would probably be a good starting point for an investigation.

Why doesn't he just unplug for a few weeks? (1)

gatkinso (15975) | about 3 years ago | (#37361844)

Would be a great time for a vacation.

I have very little sympathy for "Domainers" (1)

tomhudson (43916) | about 3 years ago | (#37362118)

The guy has half a million domains that he's squatting on. Why is he described as "a blogger"?

Park Logic was Gilmourâ(TM)s domain parking company that hosted half a million domain names.

He wrote some blog posts about other domain scammers, and they're retaliating. Awwww .... nothing to see here, folks ....

Can some enthusiastic civil-rights advocate... (1)

Legal.Troll (2002574) | about 3 years ago | (#37362400)

...please lecture me on how the authorities have no right to attempt to trace any of these IP addresses, either those performing the DDOS attacks or those thought to orchestrate the botnet's activity, because an IP address is not a person and the cops have no way of knowing who was sitting at a computer keyboard at a given time?

Plz.

Thx.

Bye.

How are they monetizing this? Google? (1)

Animats (122034) | about 3 years ago | (#37362766)

Absent from the article is a key question - how does either the "domainer" or the scammer make money? Pumping fake traffic through fake domains is usually monetized through Google AdSense.

Re:How are they monetizing this? Google? (1)

theskipper (461997) | about 3 years ago | (#37363176)

Let's say you own "redcars.com" and have it parked with Google, Parklogic or other parking service. The PPC ads shown on the site are from Google or Yahoo ad feeds that were negotiated by the parking company. You get a portion of the revenue generated when a legitimate click occurs, the parking company gets some and the feed provider keeps the rest. If using Adsense for Domains then Google keeps the latter two cuts.

The scammers will offer you $1000 for your account at the parking company. You agree, take the money and give the scammer your login info.

They then push fake traffic to the domain, run up the clicks and collect the proceeds from the parking company. The parking company then gets stuck with unhappy customers (advertisers) from the ad feed which affects their revenue. Ideally the scammer is long gone and has collected more money in parking revenue than it cost to buy the account.

The owner of Parklogic (Michael Gilmour) wrote a series of articles exposing this. The scammers retaliated.

"Domainers" have nothing to do *directly* with the scam. But some do take the $1-3k payoff without realizing what exactly is going on.

Clearing up a few things... (1)

Da_Big_G (3880) | about 3 years ago | (#37363022)

I know Michael personally, have read his blog for a couple years, and am familiar with his meta-parking service.

He's definitely one of the parking industry's most stand up guys. He's not a domain scammer, nor anything close to that. Advertisers love his service because he cuts off anyone with bad traffic. Now he's exposing the seedy underbelly of the parking industry... which of course seems to have pissed off some people.

The scammers make money by pounding advertisers' PPC links on parked pages and getting paid, then moving on to different accounts before Google or Yahoo can charge back against the first set of accounts. The middleman (parking co or Michael's co) gets burned in the process.

Re:Clearing up a few things... (1)

BillX (307153) | about 3 years ago | (#37363526)

Have to say, I don't think this guy will get much sympathy on /., even if he is exposing a whole different level of scum among scummers. There is, by definition, no such thing as legitimate traffic to a parked domain. Nobody wants to go there.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?