Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: DDoS on anti-spam groups SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
DDoS on anti-spam groups
It looks like a pretty big DDoS attack is being carried out against several well known anti-spam groups, including Spamhaus, SURBL and URIBL. The Rules Emporium site that hosts additional (and very useful) rules for SpamAssassin is also not available at this moment – I don’t know if they are under a DDoS attack as well.

The attacks seem to be similar to those carried out against BlueSecurity last year, with the Storm malware. Storm is a botnet that can do basically anything and, starting from DDoS attacks to sending spam.

It looks like some anti-spam groups managed to get the attack(s) under control, let’s hope the things will stay that way.

On the other side – this looks like the anti-spam tools are doing their job because spammers seem to be desperate when they launch DDoS attacks (otherwise they would just keep sending spam, instead of using their resources this way).I will be teaching next: Web App Penetration Testing and Ethical Hacking - SANS Cyber Security East: May 2021


396 Posts
ISC Handler
Jun 7th 2007

Sign Up for Free or Log In to start participating in the conversation!