DDoS Onslaught on Phish Fighting Firms
Castlecops is a voluntary security community that runs an investigation service on well-known phishing websites. Under an ongoing botnet-powered attack a distributed denial of service (DDoS) hit the company networks rendering its website unreachable on February 19, 2007.
Paul Laudanski, principal man in Castlecops posted on a blog of Infoworld weblogs on February 14, 2007 calling on users about the DDoS attack on castelcops.com on Monday night. He said that the site was down for approximately two hours but the site's ISP and its upstream vendor was able to repair the problem.
A DDoS involves a network of systems compromised to be used for sending out mass e-mails and overwhelm the bandwidth of the system it targets. The target is usually a web server. These servers are legitimate and reputed in their services. The DDoS attack cripples the web sites the server hosts and makes them inaccessible on the Internet.
Castlecops was founded in 2002 and has a reputable Phish Incident Reporting and Termination (PIRT) taskforce. Surfers who come across fraudulent sites can report to the company who then initiates an investigation. The firm's volunteers work hard to even remove the bogus sites from the Net. The organization also educates users about malware threats.
Though the exact motive of the attack is not clear but the perpetrators' obvious purpose could be to make the anti-phishing website unavailable, from which they have much to gain.
The website returned by Tuesday, February 20, 2007 but could not restore all its services. Laudanski, however, assured through his company website that they will prevail.
He said the DDoS attack was consistent at 44Mb/s. But that will not silence them just because someone is not happy because Castlecops is up and running.
In a series of attacks aiming organizations seeking to thwart the efforts of phishers, spammers, or other cyber criminals, Castlecops is the latest target.
Previous targets for e.g., have been the veteran spam fighter Spamhaus, which suffered a denial of service attacks in September last. Still earlier in April 2006, a dangerous spammer brought down the website of Blue Security, a well-known anti-spam company.
Related article: DDoS Attacks In China Leave The Websites Wounded
» SPAMfighter News - 01-03-2007