Lycos Europe denies attack on zombie army

Internet portal Lycos Europe has denied that its "Make love not spam" Web site was defaced by hackers last night.

The company said that an e-mail that contained an apparent mirror image of the Web site being hacked was a hoax generated by spammers.

"This is a hoax," said Malte Pollmann, director of communications services for Lycos Europe. "We have obviously reached our goal and are getting to the spammers. On our servers, we don't have any logs of an attack. No one was able to verify that."

Despite the company's assertions, the site was inaccessible for most of Wednesday, according to Internet analysis company Netcraft.

Additionally, the site was reported to have been inaccessible for some time Tuesday night, and an e-mail was sent to Finnish antivirus company F-Secure with what appeared to be a mirror image of a defacement of the site. The defacement read:

"Yes, attacking spammers is wrong. You know this, you shouldn't be doing it. Your IP address and request have been logged and will be reported to your ISP for further action."

Lycos Europe is a separate company from the Web portal that bears the Lycos name in the United States. Lycos Europe claims that it maintains roughly 40 million e-mail accounts in eight European countries.

Lycos Europe introduced its "Make love not spam" campaign, which offers users a screensaver that helps to launch something like distributed denial-of-service (DDoS) attacks on spammers' Web sites, this week. The company said the screensaver uses the idle processing power of a computer to slow down the response times from spammers' Web sites--much in the same way spammers use compromised PCs to distribute unsolicited e-mail messages.

But Lycos Europe also denied it was using denial-of-service attacks.

"I have to be very clear that it's not a denial-of-service attack," Pollmann said. "We slow the remaining bandwidth to 5 percent. It wouldn't be in our interests to (carry out DDoS attacks). It is to increase the cost of spamming. We have an interest to make this, economically, not more attractive."

Steve Linford, the director of international spam-fighting organization the SpamHaus Project, said that by attacking spammer bandwidth, Lycos could be attacking innocent users' bandwidth, too.

But Pollmann sidestepped that question. "We want to hit targeted bandwidth," he said. "We are selecting spammers from blacklists. We verify every address. Professional spammers run on very dedicated media."

On Tuesday, F-Secure warned users not to participate in Lycos' campaign because it might involve "possible legal problems."

Dan Ilett of ZDNet UK reported from London.

It's not too hard to see what's really going on.

If you look closely at the routing for this "tool" you'll see what's really happening. They aren't hacked. They're blackholed. This is what was happening since Tuesday night. Many providers are putting blackholes in place. I predict this will be mostly ineffective and shutdown by weeks end.

The controllers are being blackholed which effectively shuts the clients off. They'll still function as screen savers, but they won't have a target list from Lycos.

[zaznet]

ISPs have a responsability to stop DDoS tools from being used on their net.

The ISPs are doing this beacuse their customers are using a screensaver they THINK is deisgned to "stop spam" when in fact it is a DDoS utility designed to absorb bandwidth from spammers AND the ISP of the user when the users computer is mostly not in use.

The ISP has the responsability to stop such tools from working. This is done to protect the ISP network and the customer from their own ignorance in the product they downloaded.

Now if such network blocking could be put in place in the other direction to prevent the spammers from gaining access to the major ISps we'd be all set. :)

[Ubber geek]

blackholes in place

http://www.analogstereo.com/vacuum/miele_dustbag.htm

It appears Lycos has it head up its &%$$

If you hit the site you can see the sites been hacked. On top of that is not Lycos/Excite the same and they have a nasty "extention" the affixes it self to your IE Browser and needs hacking the registry to remove it. So lets get the right......... help a spyware/malware profider hit a spammer.... Oh suuuuuure

[zaznet]

Lycos Europe is NOT owned by Excite

Lycos Europe is not Lycos and is not part of Excite. Lycos Europe was part of Lycos back in it's earlier days but was "spun off" into it's own company and apparently survived a better fate than it's parent Lycos.