Blue Security DNS Change Brings Down Typead & LiveJournal
As mentioned on this blog earlier, Blue Security, an email opt-out service company, was under a crushing DDoS from the spammers that are angry that Blue Security’s service is cutting down on spam.
Well, if a DDoS happens in Israel, Americans look at it and say “Sucks to be you.” Blue Security needed law enforcement help to go after the spammers who seem to be controlling one of the world’s largest botnets, and frankly, Israeli law enforcement may not be up to the task. What is a small Israeli company to do?
They redirected their DNS services to their blog site that was hosted at Typead. The result is that the DDoS chased them there, and it crushed Typead’s hosting network, Six Apart. Live Journal is also part of Six Apart, so it went bye-bye too.
Lots of people on the net are figuring out what happened now and many are understandably pissed, but they are directing their anger at the wrong people. They should be mad at the spammers who are criminals and engaged in a criminal act. All that Blue Security did was make a DNS change. Which is legal.
Sure, they probably knew what would happen. And they also knew that if the American critical infrastructure was attacked by the world’s largest spammers with the world’s largest botnets, then the Department of Homeland Security, the FBI and the Secret Service would bring their considerable law enforcement skills into the fray, and help track down these criminals and put them away.
See more at this post at Q Daily News here:
According to a post on the North American Network Operators Group mailing list, at some point yesterday the people at Blue Security decided that the best way to deal with the attack was to point the hostname www.bluesecurity.com to their TypePad-hosted weblog, bluesecurity.blogs.com. This effectively meant that the target of the attack shifted off of Blue Security s own network and onto that of Six Apart, and did so as the direct result of a decision made by the folks at Blue Security. Soon thereafter, the Six Apart network buckled under that weight and fell off the net, and over four hours passed before packets began to flow again.
And at this time, bluesecurity.com has been null-routed to the localhost address. This effectively ends the DDoS portion of the attack, but is this the end of Blue Frog?
More here:
http://news.zdnet.com/2100-1009_22-6068607.html
On Wednesday, Six Apart told News.com that if it faces an attack, the problem is often related to the content posted on one of the blogs it hosts. However, the San Francisco company declined to comment on Thursday on the origin of the DDoS siege.
“Blue Security is a customer of ours, they do have a blog with us,” Six Apart Vice President Anil Dash said. “Beyond that, I don’t want to confirm anything. Any kind of an attack like this is really the fault of the attackers.”