To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://www.silicon.com/research/specialreports/thespamreport/0,39025001,39158961,00.htm

Spammer claims scalp in antispam cyber war
'Spam the spammers' strategy backfires on Blue Security...

By Greg Sandoval

Published: Thursday 18 May 2006

A prominent crusader against unsolicited email ads withdrew from an escalating cyber war with spammers on Wednesday after his website and numerous others came under a massive retaliatory attack.

Blue Security, a company that provided antispam software and was widely praised for orchestrating a kind of DIY campaign to spam spammers, has "ceased all antispam operations", according to a spokeswoman for the company.

The surrender comes after the company's website - along with those of many of its partners - was hobbled by a denial of service attack earlier this month. The DoS attack, which used thousands of commandeered computers to overload the sites' servers with traffic, is believed to have originated with one Russia-based spammer, the spokeswoman said.

The brazen show of power by the spammer is reflective of the defiant nature of these kind of rogue advertisers. Almost as old as the internet, unsolicited email continues to swamp email inboxes and to clog servers, even as law enforcement agencies and regulatory bodies have tried to stop the practice.

Eran Reshef, Blue Security's CEO, thought he had the answer. He encouraged half a million of the company's customers to send replies to the spam they received. The combined traffic overloaded the spammers' servers and crippled their ability to send emails. This resulted in some well-known spam companies agreeing to stop emailing Blue Security's customers.

Blue Security's triumph was short-lived. Instead of capitulating, one spammer launched a denial of service attack earlier this month. According to security website SecurityFocus, the attacks overwhelmed several websites and ISPs.

The spammer then threatened Blue Security - saying the company could either shut down or the next attack would include a computer virus.

With innocent companies and internet users potentially at risk, Reshef had no choice but to yield to the demands, the spokeswoman said.

She added: "The company is unable to fight this battle on its own. This [spammer] has shown that he's willing to harm hundreds of innocent bystanders... [Reshef] didn't want to take the risk that these other businesses would come under attack."

Blue Security is now trying to determine whether there are other uses for its anti-spam technology, she said.

Greg Sandoval writes for CNET News.com