InBoxRevenge.com Under DDoS Again
As of October 31st, 2009, the attackers were DDoSing InBoxRevenge website again. This is where the IBR anti-spam forum is hosted, though the content is definitely offline at this time.
Early morning 11/1/09 it was reported by @themarkgiles Twitter user that IBR was under a flood attack from 750 bot IPs at a rate of 50/second. Source IP countries: TH (Thailand), IN (India), BD (Bangladesh), RU (Russia), BR (Brazil), PH (the Philippines), etc.
The spammers are hitting the IBR website with IPs that are compromised and under control of a botnet. Obviously some spammer is not happy with the reporting we do of cybercriminal activities.
We will continue to post more information as it comes available.
UPDATE on 11/1/09
Taken from the most recent IBR Blogspot entry:
Members may have noticed another recent outage for several hours. It was another confirmed DDoS, via a method called “syn flood.” In the past, these sorts of attacks have gone on for weeks. We just roll with it.
Why is it good news? It lets us know our efforts are worthwhile, because making internet crime less profitable is exactly what we’re trying to accomplish. If we weren’t making criminals want to attack us, we’d have to wonder what we were doing wrong. We never expect to achieve the amazing level of spammer ire that Blue Security suffered in its famous 2006 attack, but then we aren’t planning to try to keep the site on line during the attacks. We just fall back to the alternate methods of spreading information. If our attackers would like to try to simultaneously take down Google, Microsoft, Twitter, WordPress, and all the other sites we’ve established a presence on, they’ll get themselves a lot more law enforcement attention than they’re currently planning on.
Comments are open for this blog, though they have to be approved by a moderator. And if you have a comment that seems to merit its own “thread,” we can repaste it as a blog post that can get its own comments.
And we have our other sites for announcements:
As always, the best response to retaliation is to continue to do the reporting you were doing before — but to do more of it. At the time of this post update, the IBR website loads as a 403 error as of 18:00 GMT on 11/1/09.
Filed under: blacklist, blocklist, cybercrime, malware, rogue networks, spam, trojan, virus | Leave a Comment
Tags: anti-spam, blacklist, blocklist, botnet, DDoS, Denial of Service, IBR, Inbound attack, inboxrevenge, InBoxRevenge DDoS, InBoxrevenge.com, IP, spam, spammers, Syn Flood