December 1, 2004 10:35 AM PST
Lycos Europe denies attack on zombie army
- Related Stories
Lycos Europe: 'Make love not spam'November 30, 2004
Banner day for attacks?November 22, 2004
Browser promises to fend off phishersNovember 22, 2004
Skulls program kills cell phone appsNovember 19, 2004
Gates may be world's most spammed personNovember 18, 2004
Caught in a phishing trapNovember 17, 2004
The company said that an e-mail that contained an apparent mirror image of the Web site being hacked was a hoax generated by spammers.
"This is a hoax," said Malte Pollmann, director of communications services for Lycos Europe. "We have obviously reached our goal and are getting to the spammers. On our servers, we don't have any logs of an attack. No one was able to verify that."
Despite the company's assertions, the site was inaccessible for most of Wednesday, according to Internet analysis company Netcraft.
Additionally, the site was reported to have been inaccessible for some time Tuesday night, and an e-mail was sent to Finnish antivirus company F-Secure with what appeared to be a mirror image of a defacement of the site. The defacement read:
"Yes, attacking spammers is wrong. You know this, you shouldn't be doing it. Your IP address and request have been logged and will be reported to your ISP for further action."
Lycos Europe is a separate company from the Web portal that bears the Lycos name in the United States. Lycos Europe claims that it maintains roughly 40 million e-mail accounts in eight European countries.
Lycos Europe introduced its "Make love not spam" campaign, which offers users a screensaver that helps to launch something like distributed denial-of-service (DDoS) attacks on spammers' Web sites, this week. The company said the screensaver uses the idle processing power of a computer to slow down the response times from spammers' Web sites--much in the same way spammers use compromised PCs to distribute unsolicited e-mail messages.
But Lycos Europe also denied it was using denial-of-service attacks.
"I have to be very clear that it's not a denial-of-service attack," Pollmann said. "We slow the remaining bandwidth to 5 percent. It wouldn't be in our interests to (carry out DDoS attacks). It is to increase the cost of spamming. We have an interest to make this, economically, not more attractive."
Steve Linford, the director of international spam-fighting organization the SpamHaus Project, said that by attacking spammer bandwidth, Lycos could be attacking innocent users' bandwidth, too.
But Pollmann sidestepped that question. "We want to hit targeted bandwidth," he said. "We are selecting spammers from blacklists. We verify every address. Professional spammers run on very dedicated media."
On Tuesday, F-Secure warned users not to participate in Lycos' campaign because it might involve "possible legal problems."
Dan Ilett of ZDNet UK reported from London.
5 commentsJoin the conversation! Add your comment