Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

CastleCops.com Hit With Reputation-Based Attacks

Zonk posted more than 6 years ago | from the its-a-dirty-web-out-there dept.

Security 79

An anonymous reader writes "The all-volunteer based online fraud fighting group CastleCops.com is currently the target of ongoing reputation-based attacks in which criminals use phished PayPal accounts to donate thousands of dollars to CastleCops from dozens of victims. This attack appears to be in response to a recent series of failed denial-of-service attacks against the CastleCops, Web site. From the story: 'A few donations were for as little as $1, while other fake donations ranged as high as $2,800. To the victims of the stolen PayPal accounts, it looks as if CastleCops is the one stealing their money, when in reality, it's the attackers. Also, the fraudulent activity seeks to ruin their relationship with PayPal.' In a comment left on Washingtonpost.com's Security Fix blog, CastleCops co-founder Paul Laudanksi says while the group's site remains under a heavy DDoS attack, it is currently down due to a hardware failure, not the attack itself."

cancel ×

79 comments

... my thoughts (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#20656013)

First comment!

Hobby or business? (-1, Troll)

winkydink (650484) | more than 6 years ago | (#20656025)

CastleCops needs to start treating what they are doing more like a business and less like a hobby.

Re:Hobby or business? (5, Informative)

Umuri (897961) | more than 6 years ago | (#20656091)

"CastleCops needs to start treating what they are doing more like a business and less like a hobby."

Thank you for your very deep and wonderful insight!
Obviously you have found the core of all their problems was that they obviously don't take what they are doing seriously, and because of that, the groups they are fighting against use sneaky tactics through third party companies to enact harm upon them.

Because that makes sense and is something they obviously could have stopped if they had only "treated it more like a business", whatever that means. No one knows, because you didn't even elaborate.

[/sarcasm]

Re:Hobby or business? (5, Insightful)

gravos (912628) | more than 6 years ago | (#20656625)

How about this: Paypal needs to start treating their customer service situation more like a business and less like a hobby.

Re:Hobby or business? (2, Insightful)

Umuri (897961) | more than 6 years ago | (#20656709)

That may be so, and paypal is more like a free money tree for them, than a hobby.
In that regard they are treating it exactly like a business, maximum profit for least work. Not a good business, but a profitable one none the less.

However the GP said that castlecops was the one treating it not like a business. Still not sure what he meant.

No one questioned paypal's buffoonery

Re:Hobby or business? (0)

Anonymous Coward | more than 6 years ago | (#20657997)

PayPal for a BlowJob? Isnt that what got Jerry Springer in trouble when he was Mayor of cincinatti? http://en.wikipedia.org/wiki/Jerry_Springer [slashdot.org] >Springer wrote a prostitute a check!!!

Re:Hobby or business? @ Paypal (0)

Anonymous Coward | more than 6 years ago | (#20660563)

I couldn't agree more. Paypal is a yoke.

Re:Hobby or business? (-1, Redundant)

Anonymous Coward | more than 6 years ago | (#20656501)

CastleCops needs to start treating what they are doing more like a business and less like a hobby.

And what then? People who don't like them will magically quit stealing money in their name? Their site will stop having DDoS attacks? Newsflash for you, buddy: even large corporations get DDoS attacks and fraud. Should banks treat what they are doing "more like a business" to stop people from sending out phishing emails, or are they "business enough" to prove that your statement is ludicrous?

I read the topic as "Republican-Based Attack" (-1, Flamebait)

Tatarize (682683) | more than 6 years ago | (#20656071)

Eh, sounds about right... I thought to myself.

Re:I read the topic as "Republican-Based Attack" (3, Funny)

geoffrobinson (109879) | more than 6 years ago | (#20656695)

You've been spending too much time on slashdot.

Re:I read the topic as "Republican-Based Attack" (0, Troll)

the-matt-mobile (621817) | more than 6 years ago | (#20657343)

So, what value are comments like this really? Yes Virginia, you can't read. Hooked on phonics is your friend.

But, you ripped on the Republican party so maybe the slashbots won't mod you into oblivion for it. Ah, "News for nerds, first posts that suck".

It's ironic... (-1, Troll)

Spy der Mann (805235) | more than 6 years ago | (#20656119)

that the attacks were done with spam-obtained accounts. IMO the users shouldn't be refunded - they deserve that for being stupid and clicking "here!" on those e-mails.

Re:It's ironic... (4, Insightful)

Billosaur (927319) | more than 6 years ago | (#20657043)

Agreed -- to a point. Phishing is like the Internet equivalent of mugging, in that your money is taken involuntarily, but the fact is, you click the link that enables the phisher to get your cash. People have to be accountable for their own actions. I would give them full refunds, but then if I was PayPal I would flag their accounts and scrutinize every transaction from there on out for at least a year to make sure they didn't repeat the mistake. Maybe after their payments continue to be delayed by the extra processing, the users will think twice before clicking any link. And if they don't, and get bagged again, automatically shut down their account.

Re:It's ironic... (2, Informative)

FrameRotBlues (1082971) | more than 6 years ago | (#20660755)

This article caught my eye because I recently had my PayPal account hacked, and someone tried to withdraw (coincidentally?) $2800. I don't have $2800, so my bank denied the transaction and charged me $35. I immediately logged on to PayPal and they had put up a bunch of verification hoops to jump through, which I gladly did.

I'm pretty savvy when it comes to phishing, I always hover over questionable links to see where the HTML leads to, and some of the phishing e-mails I get purporting to be PayPal are laughable, rather than laudable. Spelling errors, typos, repeat sentences with different information... I swear, the majority of phishers are complete idiots, and couldn't hold a job at McDonalds if they tried.

But that really says something about the intelligence of some of those recipients, since some people DO fall for the e-mails.

FYI, I changed my PayPal password from an 8-digit to a 20-digit, but my bank made the good suggestion that I change bank accounts as well, since that information might not be secure now, either.

Re:It's ironic... (1)

mike2R (721965) | more than 6 years ago | (#20664765)

Maybe after their payments continue to be delayed by the extra processing, the users will think twice before clicking any link.

It would also annoy sellers a lot. If you can take credit cards, why would you bother taking PayPal when there's a chance you get the headache of having to hold stock for a customer while payment is approved. Paypal doesn't have enough of the market compared to credit cards in ecommerce to pull tricks like that.

You'd think... (4, Interesting)

ackthpt (218170) | more than 6 years ago | (#20656143)

With CastleCops.com as a honeypot, ISPs could be contacted to the origin of the DDoS attacks, PayPal could do some investigating of their own as to the IP origins of donations and do something about this stuff.

Fer Bob's sakes, this isn't 2001 anymore, when are these companies and perhaps goverment going to make some strides in shutting down bots and zombies?

Re:You'd think... (0)

Anonymous Coward | more than 6 years ago | (#20656289)

PayPal could do some investigating of their own as to the IP origins of donations and do something about this stuff.
Nah, they'll just keep all the money for themselves and then do fuck all.

Not until a law is passed. (2, Insightful)

khasim (1285) | more than 6 years ago | (#20656331)

It costs the ISP's money to turn off a customer's account ... and then deal with the customer calling and swearing that HIS computer is not the problem.

The ISP's are NOT going to spend the money UNLESS they're facing larger fines if they do not do so.

Not to mention that the ISP's usually don't hire the best and brightest out there. I don't believe they could tell the difference between the slashdot effect and a DDoS. How many of the people here would be happy to find out that their they've been cut off because their machines were participating in a "DDoS" of some website? When all they were doing is hitting a site with a story with HUGE graphics?

Re:Not until a law is passed. (2, Interesting)

apt142 (574425) | more than 6 years ago | (#20656839)

It also costs the ISP's money to leave the bot nets up. Imagine how much bandwidth would just free itself up if all the spam, phishing, DDoS, and virus attacks just stopped. I don't know the statistics, but it must make up a shit load of traffic.

Of course, there is a profit to be made in people upping their connection speeds because their pwnd computer is spewing garbage.

But, if I were offered a service where I could count on less of this crap clogging up my tubes, I'd take it.

Re:Not until a law is passed. (4, Funny)

miskatonic alumnus (668722) | more than 6 years ago | (#20657411)

I don't know the statistics, but it must make up a shit load of traffic.

Oh, come on. You just pulled that statistic out of your ass.

Re:Not until a law is passed. (0)

Anonymous Coward | more than 6 years ago | (#20658321)

Pulled? I think you are doing something wrong. Next time push it out.

Re:Not until a law is passed. (2, Funny)

apt142 (574425) | more than 6 years ago | (#20658653)

And then I just flung it out there!

Re:Not until a law is passed. (1)

Lord Artemis (1141381) | more than 6 years ago | (#20657851)

Comcast has taken action against a number of suspected trojan/botnet victims. Unfortunately they'd actually been victimized by the infamous Apache Web Server, OpenSSH server, and FTPd server trojan (AKA no trojan at all, just a standard server setup), but it does show that ISPs are trying.

Re:Not until a law is passed. (1)

d3ac0n (715594) | more than 6 years ago | (#20666553)

Actually, I know for a FACT that isn't true. Most ISP's (at least, US based ones) Are now using QOS and monitoring technology, and they regularly shut down virus-infected machines. I have contacts over at Time Warner's upper level tech support center, and they regularly get calls from people who have been shut down by TW's security division.

Back when I was at that call center (it was Adelphia owned back then) Adelphia had an internal group call the Internet Policy Enforcement Team (IPET). They would constantly be shutting down virus-infected and zombied machines. We would get calls all the time, sometimes as many as one or two a night that would have to be referred to IPET, as their accounts would also be flagged as shut down by IPET.

ISP's do try, but the problem is so massive that it simply outstrips their ability to deal with it. Most of this is due to easily infected Windows machines. Poor patching, unplugged security holes, outdated anti-virus and user ignorance (sometimes willful) combine to make it WAY too easy to create a zombie network and way too hard to shut it down.

Honestly, this problem isn't going to go away until security becomes the first design goal of operating systems instead of ease of use. Linux and Mac generally have this down, but they don't have the larger share of the end-user OS market. Microsoft does. At Microsoft, they only give lip-service to security, while making pretty 3D GUI's and adding toys seems to be the focus. Thusly, the problem of zombienets will continue to drain BILLIONS from the global economy while ruining the lives of otherwise innocent people, the victims of phishing attacks.

Re:You'd think... (1, Informative)

Anonymous Coward | more than 6 years ago | (#20656521)

Oh, aren't you the optomist.

To get bot/zombie nets shutdown would require MASSIVE multi-National support of Government's, TELCO's, ISP's, and politicians. The Gov's are too busy with the future of oil for that to every happen. As far as the Telco's are concerned, they're too busy tracking your web usage and shoving money in their back pocket. ISP's are just trying to stay in the market, much less effectively clamp down on traffic coming from their users. As for Policitian's, the software and hardware companies got them elected in the first place.

Can anyone say, 'Massive shutdown of internet services at some point in the future'?

Re:You'd think... (1)

ackthpt (218170) | more than 6 years ago | (#20656643)

Oh, aren't you the optomist. To get bot/zombie nets shutdown would require MASSIVE multi-National support of Government's, TELCO's, ISP's, and politicians. The Gov's are too busy with the future of oil for that to every happen. As far as the Telco's are concerned, they're too busy tracking your web usage and shoving money in their back pocket. ISP's are just trying to stay in the market, much less effectively clamp down on traffic coming from their users. As for Policitian's, the software and hardware companies got them elected in the first place. Can anyone say, 'Massive shutdown of internet services at some point in the future'?

It starts with one. One person, one company, one country, whatever, but it has to start.

I've seen any number of stories of arrests, but I haven't seen any company take the lead. They all seem to be sitting around waiting for someone else to solve the problem. Funny. Think this would be a selling point for a company -- we'll notify you if we see things coming from inside your school/business/home.

Re:You'd think... (0)

Anonymous Coward | more than 6 years ago | (#20659391)

To get bot/zombie nets shutdown would require MASSIVE multi-National support of Government's, TELCO's, ISP's, and politicians.

I'm just glad it doesn't require massive support from apostrophes.

Oh by the way, you for got to put one in politician's.

Re:You'd think... (1)

Nossie (753694) | more than 6 years ago | (#20661213)

I'm more concerned about the space in your 'for got'

kettle pot black?

Help Yourself. (1)

Erris (531066) | more than 6 years ago | (#20656963)

when are these companies and perhaps goverment going to make some strides in shutting down bots and zombies?

It's up to you. Botnets allow this kind of activity and there really is no way to trace the communications back to the source without reverting to POTS. Even then, those with enough power and skill can go undetected. OS diversification will help. Elimination of the weaker OS will do more. You can demand your freedom, that the government quit subsidizing non free software and change the way you and your business do things. The only one of the above you know will work is what you do for yourself.

Re:You'd think... (0)

Anonymous Coward | more than 6 years ago | (#20660955)

Fer Bob's sakes, this isn't 2001 anymore, when are these companies and perhaps goverment going to make some strides in shutting down bots and zombies?

I work for a small ISP. For it not being 2001 anymore, our technology to detect and stop this stuff is stuck in the mid to late 1990s not far off from where we started. In fact, we are probably worse off today. If a customer's machine is used in an attack, we might be able to detect them if the attack uses our mail server. Otherwise, it would be up to the company we outsource dialup to and the company we outsource DSL to.

We receive hundreds of attacks per day, but we do not report them to the source ISP since we have no automated response so it would take too much time and because many of the source ISPs these days are either unresponsive or the attackers themselves. It's amazing how often I've seen entire /24s set up as spambots where whois says one company is responsible for the whole segment that is spamming us. The attackers' URLs are almost always registered through ENom or ESTDomains or one of the whois "privacy" services (which should be banned IMO; whois is for contacting other admins, not an optional advertising service).

Re:You'd think... (1)

RazboiniKSS (896594) | more than 6 years ago | (#20663641)

They don't care to investigate anything.
They will say the policy doesn't cover non-traceable goods.
If you get paid for a service with a credit-card, the person who paid you can say next day is a fraudulent transaction, and you end-up with nothing. no investigation whatsoever, no even if the person is using the same ip (no fraud)

PayPal investigates all reports of unauthorized activity. PayPal will deny buyer claims of unauthorized account access when the evidence shows the transaction was in fact authorized. Our system is effective in screening out false claims. PayPal reserves the right to eliminate accounts held by users making false claims or otherwise have excessive problems.

We can't guarantee protection for you under the Seller Protection Policy when you sell intangible or virtual items. If it is determined that you are the recipient of fraudulent funds, and you have not followed the Seller Protection Policy, we have to send the funds back to the account whose funds were fraudulently used.

Emphasis mine.

How did we get here? (4, Interesting)

Anonymous Coward | more than 6 years ago | (#20656155)

How did we arrive at such a completely fucked-up state of affairs, where organized gangs from Russia control what is (arguably) the most powerful supercomputer in existence? How is it that cyber-criminals are able to act with such total impunity? Am I the only person who doesn't understand how this is being ignored amid all the noise about "the war on terror"?

Re:How did we get here? (2, Interesting)

DragonTHC (208439) | more than 6 years ago | (#20656505)

Russia doesn't care about this stuff. They are busy buddying up with china. And, china is busy hacking DoD servers.
The russian mafia has been in control of the country since the fall of the soviet union. The FSB is made up of former KGB and mafia officers.
These gangs operate with complete impunity.
The answer to these problems is physically denying network access to these countries. Turn off their Internet access.
This creates two problems: Let's see how long russia can go without the Internet, and let's see how long the rest of the world can go without russian porn.
While it's no surprise that communism creates immoral and unethical people, The US government needs to create a policy that makes sense.

The US government will not create that policy because russia is up to its old tricks. Russia has resumed bomber patrol flights. Russia is partnering with china in all sorts of treaties. Russia is creating tension over the US planned missile defense station in eastern europe.

The government, while not the stupid people we believe them to be, will not take steps to aggravate real potential threats against the country.
Their "war on terror" is just a ploy to trick the American people into stepping up military production.

Make no mistake, there is a storm brewing between the US and China. Russia has chosen their side. The middle east is the only unsecured front right now. The US is trying to secure it. Iraq is going to be full of air bases and US production facilities.

So, when organized hacker gangs terrorize American citizens, the US treats it like a civilian law enforcement matter. The US cannot afford to provoke aggression from the Russians.

Re:How did we get here? (0)

Anonymous Coward | more than 6 years ago | (#20656637)

Jesus christ. Did you have to take drugs or are you naturally that deluded and psychotic?

Re:How did we get here? (0)

Anonymous Coward | more than 6 years ago | (#20657335)

From my experience (I have friends like this) only taking a LOT of drugs will fry your brain to the point where you start having delusions about world-wide government conspiracies without any shred of proof. It's sad if you meet people like this because their reasoning abilities are just gone and the lines between their imagination and reality get blurred.

Re:How did we get here? (1)

posterlogo (943853) | more than 6 years ago | (#20657209)

I'd have to say I agree... there isn't really any war against terrorism or really anything based on principle. It's all about what's politically ok. Making nice with Russia and China seems to be politically ok with the current administration, though it should make any true conservative cringe. From the liberal view point, we should not put up with these countries who have no basic declaration of rights for their own citizens. Anyone who thinks the Chinese and Russian governments aren't ecstatic about their hackers targeting western servers is deluded.

Re:How did we get here? (1)

Billly Gates (198444) | more than 6 years ago | (#20658587)

The storm bot network is mostly in western countries with unpatched windows machines. If we cut off the internet to russia a russian mob official could just log into the storm network from the Us or any other western nation.

Also Reagan and many true conservatives refused to back down from the soviet union and neither will the current white house. However a second cold war is coming and you are 100% correct that Putin doesn't give a shit. Probably because the mobfia is more organized than his own security force and could assassinate him and destabilize his country if he pisses them off enough.

Maybe he is on it too? He has many ties to Russian oil firms and they also have ties with the mobfia over there. Infact its impossible to own a business without a friendly visit from these gangs demanding extortion and money laundering.

I dont think the US is scared or Russia. Its just inept and doesn't care or is too ignorant to know whats going on. If you and I were president it would be a different matter I am sure.

Local authorities here have no power to do anything and the federal government like the FBI and whitehouse need to do something before its too late. As it is online banking is going down in popularity because of hacks and people's information being stolen. In a few years the industry itself will die online.

Re:How did we get here? (1)

orclevegam (940336) | more than 6 years ago | (#20657533)

It's much harder to get oil out of Russia. Plus Muslims and Arabs are much easier to target than some nebulous Russian Gangs. And as the final straw, it's a lot easier to scare joe sixpack that some ebil terrorist is going to blow up his minivan, than some Russian Gang is going to DDoS his non-existant website.

Re:How did we get here? (1)

db32 (862117) | more than 6 years ago | (#20659765)

They aren't islamofacists that hate our freedom. They didn't try to kill our glorious leaders Daddy. They don't have vast...ok, well they do have a lot of oil, but its a hell of a lot more work to take it from them cuz they have "the bomb" already among other things. What are you confused about?

Re:How did we get here? (1)

psibrman (949329) | more than 6 years ago | (#20673379)

It's because we elect the asses in the country to lead us. That makes our responsibility. I will write the asses called congress and senate and again they will
sit on their asses. This why they're called asses. It's getting to the point
that I think we'll only get the proper response is when a handfull of them are hanging from lamp posts in Washington. I will write the asses. I urge others to do so. Maybe
we'll smell some gas from the hill which is not partisian

In Soviet Russia.... (5, Funny)

EricKoh (669058) | more than 6 years ago | (#20656209)

In Soviet Russia, phishers send you money..

What's wrong with people? (3, Insightful)

tomstdenis (446163) | more than 6 years ago | (#20656225)

Seriously. Is decency at such a low ebb that people have to stoop to attacking victim services and defense organizations? Seriously. Maybe if these people put half the time and energy they did into stealing they could actually get a real job and sleep well for a change instead of ripping people off all the time.

And while they're at it, they could stop sporging sci.crypt and other groups. That'd be nice. :-)

Re:What's wrong with people? (0)

Anonymous Coward | more than 6 years ago | (#20656347)

Is decency at such a low ebb that people have to stoop to attacking victim services and defense organizations?
You must be new here.

Re:What's wrong with people? (3, Insightful)

honeybuttertoast (1158569) | more than 6 years ago | (#20656433)

get a real job and sleep well for a change

I'm sure they sleep fine already. On a nice comfy expensive bed.

Re:What's wrong with people? (1)

HomelessInLaJolla (1026842) | more than 6 years ago | (#20656439)

Is decency at such a low ebb
Look for CastleCops' karma to be modded to "terrible".

Maybe if these people put half the time and energy they did into stealing they could actually get a real job and sleep well for a change instead of ripping people off all the time.
A good portion of the people who spend their lives maliciously destroying the reputations of others do not need a "real job". Many are independently wealthy or come from lineages that have never had a shortage of wealth. They're not out to ruin others' reputations for money--they do it for entertainment.

Re:What's wrong with people? (0)

Anonymous Coward | more than 6 years ago | (#20657679)

Evidence? Proof? Facts to back up your ludicrous claims? As usual, none are, or shall be, forthcoming.

Re:What's wrong with people? (0)

Anonymous Coward | more than 6 years ago | (#20672713)

Look for CastleCops' karma to be modded to "terrible".

TROLL. You continuously and repeatedly:

+ resort to ad hominem attacks against other posters

+ post grand conspiracy theories and other assertions without a single piece of factual evidence to back them up

You were downmodded because you are a troll.

A good portion of the people who spend their lives maliciously destroying the reputations of others do not need a "real job". Many are independently wealthy or come from lineages that have never had a shortage of wealth. They're not out to ruin others' reputations for money--they do it for entertainment.

You need a "real job", go find one. No one modding you down is "ruining your reputation" - your own vitriolic posts did that.

Whether it's your alleged state of homelessness, or your terrible karma, you are simply reaping the rewards of your actions. You have no one to blame but yourself. The sooner you put on your big boy pants, start taking responsibility for yourself, and act like a man and not a sniveling little pissant, the better.

Re:What's wrong with people? (1)

HomelessInLaJolla (1026842) | more than 6 years ago | (#20674755)

As God looks down on the angry and embittered atheists and unfaithful and sends them even more life...

So I look down on you.

And I laugh.

Re:What's wrong with people? (0)

Anonymous Coward | more than 6 years ago | (#20676871)

Keep laughing. I have a house and sleep in a bed each night. The joke's on you.

Re:What's wrong with people? (1)

kevin_conaway (585204) | more than 6 years ago | (#20656457)

Seriously. Is decency at such a low ebb that people have to stoop to attacking victim services and defense organizations? Seriously.

Nope. Thanks to our 24/7 instant news society, you just hear about things a lot more often

Humans will always prey on one another. The only thing that varies is the degree

Re:What's wrong with people? (1)

Billosaur (927319) | more than 6 years ago | (#20656857)

Predators always tend to be outnumbered 100 to 1 by prey... which is why the predator becomes a consummate hunter and picks on the weak elements of the herd. No different on the Internet. The spammers and phishers are probably outnumbered 100,000 to 1, but as long as the continue to prey on the weak elements of society (read: the tech un-savvy), they will continue to prosper and flourish. They only way to make it harder for them is to change the environment they are operating in... or hunt them down.

Re:What's wrong with people? (1)

daft_one (532587) | more than 6 years ago | (#20656471)

Seriously?

Re:What's wrong with people? (0)

Anonymous Coward | more than 6 years ago | (#20661363)

No, just kidding. Seriously.

Re:What's wrong with people? (1)

MLCT (1148749) | more than 6 years ago | (#20656611)

What's wrong with people? The people that do this are scum, that's all. The digital age makes their activities much more visible, but they are essentially the same people that punch a grandmother in the face and steal her wedding ring - just criminal scum who will do anything to get what they want, no matter how low.

Re:What's wrong with people? (1)

Billosaur (927319) | more than 6 years ago | (#20656943)

Seriously. Is decency at such a low ebb...

See also:

  • O. J. Simpson
  • Scott Peterson
  • Phil Spector
  • Robert Blake
  • Timothy McVeigh

Re:What's wrong with people? (1)

Afecks (899057) | more than 6 years ago | (#20659869)

O. J. Simpson
Hey, I thought he was innocent?

Re:What's wrong with people? (1)

businessnerd (1009815) | more than 6 years ago | (#20660979)

Jury is still out on Spector. While I understand what you are saying, let's at least uphold the "innocent until proven guilty" ethos.

Re:What's wrong with people? (1)

PhilHibbs (4537) | more than 6 years ago | (#20665377)

I don't know if he's a murderer, but regardless of the current case, he's still a naughty man, and I'd have said he was such before the current case even started.

Re:What's wrong with people? (0)

Anonymous Coward | more than 6 years ago | (#20658045)

And while they're at it, they could stop sporging sci.crypt and other groups
Personally I don't know which worse, idiots spamming sci.crypt to hell and back or tomstdenis pimping the latest one line change to his crypto library in an attempt to get anyone to use it.

Modern-day Joe Job (2, Informative)

njfuzzy (734116) | more than 6 years ago | (#20656271)

A few years ago, I got hit with a Joe Job. Someone sent out spam to a very large list, pretending to be me, advertising a service I actually provided then. The email was badly spelled, made the emphasis very unprofessional, and linked to my site. The goal, and maybe the result, was to make me look like an ignorant, asshole spammer. They paaid to do this, though not a lot I imagine. This seems to be a very similar kind of attack.

Re:Modern-day Joe Job (5, Informative)

tomstdenis (446163) | more than 6 years ago | (#20656397)

At least your joe-job sounded PG-13. When crypto trolls in sci.crypt wanted me off the scene they posted child porn with my home address and phone number (neither kept secret, but obviously I didn't want them tied to that). After the initial wave of kiddie porn, they decided to re-post my posts in thousands of groups. When my 2nd book was coming out they re-posted a single post I wrote about the book (sans URL) and included the URL. Net result, lots of death threats, spam, hate mail, and low reviews on Amazon from people who have never read the book.

The sad thing is, if someone really wants to cause hell for another it's not all that hard. 99% of net users are ignorant to how trustworthy things like a "from" address are. In fact, we had to joe-job [privately] one irate poster who kept assuming joe-jobs were impossible with email. So my brother and I sent him emails with his name and address on them. (this was all in private, not public). In the end he told us to leave him alone (and we did) and he never really conceded the point.

People are dumb. This just proves they're also mean.

Which is why I study music instead now. The Internet is just too much of a waste.

Re:Modern-day Joe Job (3, Insightful)

Billosaur (927319) | more than 6 years ago | (#20657187)

Which just goes to show what psychologists have known for years: the mob is fickle and easily incited. All you have to do is chant "child porn" and point a finger and the dogs are all over you. What hurts with something like that is that information on the Internet has permanence unlike anything else, which mans even if you clear up a misconception, misunderstanding, or outright fraud, the original information continues to exist and people will still believe. To paraphrase, "a lie repeated often enough starts to sound like the truth."

It's like raaaiiiiiiiiaaaain (1)

Dogtanian (588974) | more than 6 years ago | (#20656503)

The email was badly spelled, made the emphasis very unprofessional, and linked to my site. The goal, and maybe the result, was to make me look like an ignorant, asshole spammer. They paaid to do this
Does that mean that this message is another fake attempting to make the real njfuzzy look unprofessional then?

Re:It's like raaaiiiiiiiiaaaain (2, Funny)

njfuzzy (734116) | more than 6 years ago | (#20656783)

Oh my god, I made a typo. You have shamed me for life.

Re:It's like raaaiiiiiiiiaaaain (1)

Dogtanian (588974) | more than 6 years ago | (#20656981)

Oh my god, I made a typo. You have shamed me for life.
That's odd, it was only supposed to be a lighthearted joke. Maybe I should go back to sticking ;-) smileys at the end.

PayPal can understand this, act accordingly (1)

unity100 (970058) | more than 6 years ago | (#20656405)

fraud is the biggest problem of paypal. here we have an anti fraud org under attack by fraudsters.

paypal under ebay is not stupid as the old paypal to not understand the importance of this, and not defend the enemy of its enemy.

Re:PayPal can understand this, act accordingly (1)

abbamouse (469716) | more than 6 years ago | (#20660003)

"paypal under ebay is not stupid as the old paypal to not understand the importance of this, and not defend the enemy of its enemy."

I seriously have no idea what this means. Try dropping out a few "nots" and rephrase. Is the new or old paypal more stupid? They both seem idiotic to me.

Re:PayPal can understand this, act accordingly (1)

unity100 (970058) | more than 6 years ago | (#20660091)

new paypal is all roses compared to old midwestern crooks.

While you were sleeping (2, Insightful)

packetmon (977047) | more than 6 years ago | (#20656631)

You know... A while back I rambled on about lazy ass engineers [merit.edu] who have the capability to stop botnet DDoS traffic. Went unanswered, some mumbled those with the capabilities to stop it did nothing. As for the financial fraud occurring, its unfortunate but will likely be resolved too. Its a shame when people go out of their way to make things better only to be trampled upon. Kudos to Castlecop's team for their resiliency. As for the network engineers who peruse this site, this could one day be you too. Think about that before you decide to just brush away calls for assistance when dealing with botnets and attacks.

Re:While you were sleeping (2)

Timothy Brownawell (627747) | more than 6 years ago | (#20657083)

You know... A while back I rambled on about lazy ass engineers [merit.edu] who have the capability to stop botnet DDoS traffic. Went unanswered, ....

Funny. What makes you think that they have that capability? Even when the traffic is distinct enough to filter, I'd think inspecting it all would take quite a lot more hardware than they're used to using...

Re:While you were sleeping (2, Informative)

packetmon (977047) | more than 6 years ago | (#20657251)

No doesn't take as much as you think. http://www.arbornetworks.com/index.php?option=com_content&task=view&id=56&Itemid=33 [arbornetworks.com] If NAP's and NSP's created a policy to their downstreams vis-a-vis this would almost be a thing of the past. http://www.infiltrated.net/?p=23 [infiltrated.net] (warning if you're a network engineer, this will likely piss you off love it or hate it)

castlecops is on isc's network (vixie) (0)

Anonymous Coward | more than 6 years ago | (#20657911)

network engineers who i've asked to help track these ddos's have been extremely helpful. but if anyone here isn't peering with isc and/or donating transit, and you'd like to, and you're located in 1735 lundy, 529 bryant, or 200 paul, then please drop me a note off-line. vixie@isc.org

In other news (1)

jointm1k (591234) | more than 6 years ago | (#20656723)

The Republican Party made a generous donation to the Black Panthers.

Re:In other news (1)

amcdiarmid (856796) | more than 6 years ago | (#20660537)

If I remember sneakers, the republican party war-chest disappeared - but greenpeace received a record donation from an anonymous donor.

http://en.wikipedia.org/wiki/Sneakers_(movie) [wikipedia.org]

Add a verify by phone option to paypal (1)

spectro (80839) | more than 6 years ago | (#20657397)

Paypal can add an option for your donation account to verify by phone before accepting the charge. This way you call every donator to confirm their donation (and probably thank them) before their credit card is charged.

Thanks to the fraudsters (1)

future assassin (639396) | more than 6 years ago | (#20657625)

for making it on the news. If it wasn't for you I wouldn't have know CastleCops.com excisted. Extra attention you didn't want.

DDos (1)

maxin16 (1112815) | more than 6 years ago | (#20657897)

"the group's site remains under a heavy DDoS attack"

Doesn't this always happen when a site is mentioned on Slashdot?

This can't go on (1)

rastoboy29 (807168) | more than 6 years ago | (#20660887)

The internet is essentially currently ruled by the might-as-right school.  Thus, the necessity of "vigilante" groups like CastleCops, and their own destruction at the hands of gangsters in control of botnets.

Until national governments get serious about bad actors in their countries (China and Russia, I'm looking at you), we won't have real justice on the net.

And then, once we do, we'll need to make sure our national governments keep it reasonable.

Gah.  Maybe anarchy is better.

DDoS and PayPal (1)

azrin_abbas (1161153) | more than 6 years ago | (#20727835)

I have always been fascinated with DDoS attack. The ability to attack a single target from various computers has made me grown knowing the importance of network security. And the target that can stand the test of DDoS is even fascinating. If it is as acclaimed, then, my heartiest congrates to CastleCops! And PayPal..just a reminder. Please be aware that PayPal is not a bank. So it doesn't have any kind of obligations to follow any of the rules and regulations of a bank. Which means it is not entitled, to refund any credits lost. Within e-bay, it's safe enough. Out of e-bay, fraudelent is almost unavoidable.
Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...