Home
Current issue
Forum & Community
OneKit's Software
About us
Chat with support
[|
|
||
|
|
|
|
Home
Current issue
Forum & Community
OneKit's Software
About us
Chat with support
[ |
||
| Games | Graphics & Design | MP3 & Audio | Internet & Networks | System & Utilities | Home & Education | Business | WebDev | SoftDev |
| Reviews & Articles :: Timeline of PharmaMaster Attacks on www.bluesecurity.com | ||||||||
| Issue: May 2006 > Internet & Networks > Article "Timeline of PharmaMaster Attacks on www.bluesecurity.com" | |
|
|
 |
|
|
Starting Monday, May 1st, the Blue Community has been the target of a criminal spammer. This criminal spammer, PharmaMaster, is attempting to deny our community the right to opt-out from his spam messages.
Aside from blackmail emails sent to community members, there were two separate attacks on Blue Security itself. The first attack was to block worldwide access to Blue Security's corporate website (www.bluesecurity.com) by tampering with the Internet backbone using a technique called "Blackhole Filtering". The Second attack was a DDoS attack on Blue Security's operational system. When we realized the spammer had blocked access to our website to obstruct members from using our service or access our website to receive more information, we performed a series of tests to determine what had happened. These tests clearly indicated that the corporate site was not subject to a DDoS attack since it was accessible from inside Israel and there was no load on the system. These symptoms were in accordance to what the spammer had indicated he would do (i.e. block all traffic to our site from outside of Israel) in an ICQ session. In order to inform our community of what had happened, we used a previously-existing blog site for the Blue Community which had been host to our corporate website prior to July 2005. We posted a short blog item to inform our users and other constituents of the situation and how we were working to solve the issue. After the name server had been updated such that traffic to Blue Security shares the pain of blogs.com's community that was seriously affected PharmaMaster's criminal acts. Those who blame Blue Security for the attack only further the agenda of PharmaMaster to impose his will on all Internet users. Timeline (all times in GMT) [May 2nd 13:42 GMT] PharmaMaster Works to Block Traffic to Blue’s Corporate Web Site One of the world’s largest spammer’s, ‘PharmaMaster’, sends Blue Security an ICQ message stating that he will block traffic to Blue’s corporate website, www.bluesecurity.com .
[May 2nd 14:47 GMT] BlueSecurity.com Can’t be Accessed Outside of Israel Blue Security receives another ICQ message from PharmaMaster stating that Blue’s corporate Web site cannot be accessed from outside of Israel.
[May 2nd 15:30 GMT] Blue Security's Dedicated Servers—NOT Corporate Website—Under Attack Blue Security’s operational servers—NOT www.blusescurity.com — suffer from DDoS attacks. [ May 2nd 16:30 GMT] Corporate Website Receives 2 Hits/Min Blue employees notice that there is not load on the corporate website, www.bluesecurity.com (2 hits per minute) and that most visitors originate from Israel. [May 2nd 17:07 GMT] PharmaMaster Sends Message: Website Can’t be Accessed Around World Blue receives another ICQ message from PharmaMaster stating the company’s corporate Web site can not be accessed around the world. .[May 2nd 20:17 GMT] Blue Performs Technical Analysis: Confirms Website Cannot be Accessed Abroad Blue’s technical analysis team determines that its corporate website can still be accessed from Israel, but cannot be accessed abroad. .[May 2nd 21:17 GMT] Blue Reports More Symptoms: "Blackhole filtering" Confirmed Blue’s operational team reports on more symptoms supporting PharmaMaster's claims that the backbone of the Internet was compromised (blackhole filtering at the backbone level). Still, there is no sign that there was a DDoS attack on Blue’s website. .[May 2nd 22:45 GMT] Blue Security Decides to Update Blue Community Blue Security decides to update the Blue community about the situation by reverting to Blue's pre-launch "Blue Zone" Blog, hosted on Typepad. .[May 2nd 23:20 GMT] BlueSecurity.com Redirected to TypePad www.bluesecurity.com is redirected to Blue Security's blog. Many community members can receive real time information about the attack. .[May 2nd 23:27 GMT] First Comment Posted on the Blue Blog Blog site at TypePad functional. The first comment is posted on the Blue blog by a user. .[May 2nd 23:57 GMT] Last comment Posted on the Blue Blog Before DDoS Begins TypePad blog site still functional. The last comment is posted thirty minutes later on the Blue blog just before the new DDoS attack occurs. (If there had been an initial DDoS attack on Blue’s corporate site, the blog site would have been hit) .[May 3rd 00:00 GMT] PharmaMaster Starts Attacking Typepad A fierce and ruthless DDoS on Typepad begins. Blue is not aware of the DDoS due to the late hour in Israel (2 AM local time). Typepad continues to carry Blue Security's blog and help Blue keep our community aware of the situation. .[May 3rd 16:43 GMT] PharmaMaster Strikes Again, Takes Down Tucows PharmaMaster starts another attack and takes down Tucows's DNS servers which were serving thousands of sites, including Blue Security's. Tucows terminates Blue Security's account in an attempt to stop the attack. [May 3rd 23:23 GMT] PharmaMaster Boasts Success Almost 24 hours later, PharmaMaster boasts success in another ICQ message.
[May 4th 13:00 GMT] Blue Security partially restores its services Blue Security's web site and some of its operational servers are functioning again. Related Links:
May 7, 2006
Author: Eran Reshef |
|
| Copyright 2003-2008 - Software Magazine, onekit.com, Legal Notices | |||||
|
Timeline of PharmaMaster Attacks on www.bluesecurity.com