TELECOM Digest OnLine - Sorted: Lycos Pulls Anti-Spam 'Vigilante' Campaign

Lycos Pulls Anti-Spam 'Vigilante' Campaign

Lisa Minter (
Tue, 7 Dec 2004 12:14:59 EST

Just days after Lycos Europe's launch of an anti-spam DDoS tool raised
eyebrows in the security space, the company appears to have scrapped
the campaign.

Early last week, the company released a downloadable screensaver
programmed to launch distributed denial-of-service attacks against
known spam sites, but the move sparked a shooting war with spammers
and attracted condemnation from security researchers.

On Friday, Lycos Europe gave up the ghost, posting a "Stay Tuned" note
on the Web site it was using to distribute the
screensaver. The Lycos Europe home page, which heavily promoted the
screensaver all week, was also scrubbed clean of any references to the

Company officials did not respond to requests for comment, but
security experts were not mincing words.

"I find the anti-spam downloadable DDoS tool to be without a doubt
irresponsible, possibly illegal, sets a really bad precedent, gives
the wrong impression to users, and possibly the dumbest thing I have
heard of this week," said Adrien de Beaupre, an incident handler with
the SANS Internet Storm Center (ISC).

"I can summarize my thoughts into a single word. Dumb. With a capital
'D,'" de Beaupre told

Dan Goldberg, a senior security analyst with MADJiC Consulting Inc.,
described the Lycos Europe move as "vigilantism" and said the use of
questionable tactics to deal with a security risk created more
problems that it solved.

"In this case, it only causes traffic saturation. It's a noble gesture
to fight back against spammers, but when you try to take down a spam
site, a lot of innocent people get caught in the crossfire. As a big
company, Lycos has to be more responsible than that," Goldberg

Evidence of a shooting war in cyberspace was uncovered by anti-virus
vendor F-Secure. The company reported that one of the spam sites under
attack by the Lycos screensaver simply added a Meta Refresh tag that
redirected all incoming traffic back to Lycos.

"As an end result, depending on how the Lycos client works, the screen
savers downloaded from might be attacking the
download site itself," F-Secure said in a notice.

Although the Lycos site is no longer offering the screensaver, MADJiC
Consulting's Goldberg says it's likely the DDoS attacks against the
spammers will continue for some time.

"The software is out there. People have downloaded it and shared it
with their friends and family. It's being used and will continue to be
used," he said.

*** FAIR USE NOTICE. This message contains copyrighted material the
use of which has not been specifically authorized by the copyright
owner. This Internet discussion group is making it available without
profit to group members who have expressed a prior interest in
receiving the included information in their efforts to advance the
understanding of literary, educational, political, and economic
issues, for non-profit research and educational purposes only. I
believe that this constitutes a 'fair use' of the copyrighted material
as provided for in section 107 of the U.S. Copyright Law. If you wish
to use this copyrighted material for purposes of your own that go
beyond 'fair use,' you must obtain permission from the copyright
owner, in this instance Reuters News Service.

For more information go to:

Post Followup Article Use your browser's quoting feature to quote article into reply
Go to Next message: TELECOM Digest Editor: "Mix up; Some Stuff Lost in Processing"
Go to Previous message: Bitu: "Re: Will Radar Detectors be Regulated Out of Existence?"
Next in thread: Rick Merrill: "Re: Lycos Pulls Anti-Spam 'Vigilante' Campaign"
May be reply: Rick Merrill: "Re: Lycos Pulls Anti-Spam 'Vigilante' Campaign"
May be reply: Steve Sobol: "Re: Lycos Pulls Anti-Spam 'Vigilante' Campaign"
May be reply: DevilsPGD: "Re: Lycos Pulls Anti-Spam 'Vigilante' Campaign"
TELECOM Digest: Home Page