Online thugs assault security help sites

The good guys are taking a hit in the ongoing online war between the thugs who profit from phishing and malware, and those who work to stop them.

For two weeks, Web sites like CastleCops.com, which offers help to those hit by malware and also actively works to shut down malicious Web sites, have been under attack. In what's known as a distributed denial of service, black hats are flooding CastleCops with a barrage of garbage data in an attempt to overwhelm the site and knock it offline.

"It's the folks who are out there in the trenches getting hit," says Paul Laudanski, who founded CastleCops five and a half years ago

Attack spreads

When the attack on CastleCops.com began on August 29, Laudanski says, the site went down for a few hours as he scrambled to apply countermeasures. His site came back up, but the attack soon spread to other helpful sites such as 419eater.com, fraudwatchers.org, [[xref:http://www.scam.com, scamfraudalert.com, and scamwarners.com. Most of these sites are currently unresponsive.

When the hosting provider for another site, aa491.org, dropped the site because the attack became too much for the provider, CastleCops gave aa419.org a home. CastleCops went down again under the combined attack, but is back up again.

The sites are all being hit by botnets, corralled networks of malware-infected computers that can be issued commands by a central controller, or botherder. Botnets are most often used to send money-making spam, but they can also launch denial-of-service attacks where each infected PC sends a steady stream of traffic at a victim site. CastleCops is shouldering the brunt of 20,000 bots as of today, and more than 1,000 additional bots join the fray each day.

Mystery motive

Laundanski says he and others who work at these sites, many of which are not-for-profit, are still unsure about the attack's rationale. And he's likewise uncertain about whether it's one group or many behind it all. He's been able to gather some details, but doesn't want to share them while the threat continues and let his attackers know what he's been able to find out.

But Paul Sop, CTO of Prolexic, a company that defends clients against DDoS attacks, says "the prevailing street theory is that these guys are having an effect." Their advice is helping malware or phishing victims, and their investigations are helping to shut down criminal operations

"So the botnet guys are targeting them," he says.

Security sites, including CastleCops, have been targeted in the past, but attacks are on the rise, Sop says. In the past five months, he says, there has been an increased focus on attacking organizations on the front lines who try to fight back against the crooks.

Strengthened resolve

But according to Laudanski, who has started a new online forum documenting the ongoing battles, the attacks may backfire.

"The criminals are in it for the money," he says. "It's a huge business for them. [But] we're in it for the feeling that we get being on the side of right."

So this assault shows that "these sites are definitely doing something right," he says, "because we've got the attention of these scammers. It gives us greater resolve."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Erik Larkin

PC World
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?