Blue Security, an Internet security firm that tried to fight spam with spam, has shut down after a prolongeddenial-of-service launched by the spammers it hoped to put out of business.
The Israel-based company tried to use the tactics of spammers against it, using a system that automatically sent messages back to them, operating on the theory that doing so would overload the servers of the original spammers and put them out of commission — at least, temporarily.
From Russia Without Love
The tactic was said to be working and was gaining traction, until a Russian-based spammer began to deluge Blue Security and its partners with a denial-of-service blitz that shut down the Blue Security site, several other Web sites and some Internet service providers.
The attack is reported to have originated from a well-known Russian spammer, PharmaMaster, but may have included a broad coalition of spammers. Blue Security had previously acknowledged the attacks, but said it had withstood them, posting a page on its Web site that said “The Blue Frog Lives” and saying that a “renegade spammer’s attack on the Internet had failed.”
Blue Security, which sold its flagship product under the name “Blue Frog,” apparently shut down operations this week. The main Web site could not be reached on Thursday.
The decision to shut down was made in recognition of the likelihood of further attacks if Blue Security went back to work, according to a statement put out by a U.S.-based public relations firm that was working with the company.
“As we cannot build the Blue Security business on the foundation we originally envisioned, we are discontinuing all of our anti-spam activities on your behalf and are exploring other, non-spam-related avenues for our technological developments,” the statement said.
The situation is a reminder of the relative strength of spammers and the difficulty in using novel techniques to fight them. One of the ideas behind Blue Security was to urge people to give spammers a taste of their own medicine.
The firm operated a Do Not Intrude list. Customers who signed up would install the Blue Frog agent on their computer. There, it would integrate with major mail platforms, including Yahoo, Google’s Gmail and Hotmail, and check incoming messages against a central database where known spammer addresses were kept.
When a match was found, the software would select a form from the site advertised in the e-mail message and submit a request asking to be removed from the spammer’s list.
The firm recently said it was close to reaching a half-million subscribers and had managed to stop thousands of messages by convincing major spammers to take their customers off their mailing lists.
The tactics eventually proved no match for spammers. Though PharmaMaster is said to have spearheaded the effort, security experts say it’s likely a large number of spammers took part, since it appears that the messages that crippled servers did not come from any one location.
Friends and Enemies
During its battle, Blue Security tried to deflect Web traffic to mute the impact of the attacks by redirecting messages to its blog. That only caused additional problems, with some bloggers who use the Six Apart platform reporting difficulties in accessing their blogs during the attacks.
That tactic was being widely derided on the Web in the wake of Blue Security’s demise, but the bigger issue is the strength and cooperation shown by spammers, which is a stark reminder of how difficult the problem will be to completely eliminate.
“This is truly an international problem now, and that means old-fashioned law enforcement efforts aren’t going to get the job done,” said Sophos senior technology consultant Graham Cluley. “It’s going to take a combination of technology, law enforcement and cultural shifts from users to make a difference.”
Major Web companies are moving forward with plans to design pay-to-play systems that will require a modest fee for each message sent across the networks of AOL, Yahoo and others. Those plans have brought their share of criticism, but some believe they represent the best chance the Web community has to slow the spread of spam.