Friday, October 30, 2009

InboxRevenge forum is back up

Apologies for the forum being unavailable for a few days. The DDoS has subsided for now. Our policy is to just go offline as needed rather than expend energy fighting such attacks.

Our time is much better spent continuing to investigate and report the internet criminals behind your spam and all the illegal activity that goes with it. Notifications on blogs like this one are part of the layers of redundancy we've set up to make it possible to continue our usual activities when the forum is unavailable. If anything, having the effectiveness of our activities acknowledged by spammers has been a shot in the arm to motivate our members, who primarily are busy professionals doing this as a volunteer effort outside of their usual jobs.

The forum thread for more information about this DDoS is at
http://ksforum.inboxrevenge.com/viewtopic.php?f=1&p=42237#p42237

Wednesday, October 28, 2009

Google Feedproxy Abuse

Well, just as the Yahoo Groups Spam becomes less overwhelming, along comes a new abuse: feedproxy.google.com URLs that redirect to the following Canadian Pharmacy domains:

pharmsstockmeant.com
caringbread.com

As InboxRevenge.com members know well, "Canadian Pharmacy" (CPh) is a scam.

The site has nothing to do with Canada. The phone number they list, +1(650)452-6975, has a Texas area code but is a voice-over-internet number which connects to an overseas operator -- if it gets answered at all. The address listed on their sites belongs to a legitimate Canadian pharmacists' organization that denies any relationship to CPh. Why doesn't that organization make them stop? Because CPh sites are part of an affiliate program run by criminals in Russia, out of reach of Canadian or US law enforcement.

The pills they sell are counterfeit generic versions of drugs that aren't legally available in generic form. A drug can't be sold generically until its patent has expired -- but again, they're out of reach of law enforcement.

CPh markets them like some late-night infomercial for Ginsu knives, throwing in free tabs of their counterfeit "Viagra" with every order -- even when that would be a potentially fatal combination. So either people are dying or the drugs are completely fake. Clearly no pharmacist has had any input into the operation, either way. And they're out of reach of law enforcement.

It's extremely stupid to give the operators of CPh your name, address, phone number, and/or credit card number. It's extremely stupid to wait however long they tell you to wait for delivery, allowing the time limit to file a complaint with your credit card company to expire. And it's even more stupid to swallow pills of unknown makeup from an unknown country made under unknown conditions of sanitation, should anything actually show up in your mailbox.

That, and the fact that smuggling drugs is a federal crime. And you're not out of reach of law enforcement.

There's more information on the spamwiki:
http://spamtrackers.eu/wiki/index.php/Canadian_Pharmacy

Inboxrevenge.com, the little forum that creates big headaches for internet criminals, is under another distributed denial of service (DDoS) attack. That means hundreds or thousands of zombie computers -- computers like yours that have been infected by malware and put under the control of criminals -- are all trying to access the site simultaneously. Websites can only handle a certain amount of traffic, so having so many requests going on continuously shuts out legitimate visitors.

Frankly, we were wondering what took them so long. We've been through this before. We've got lots of backup means for forum admins and mods to communicate with each other and with the other members. We are prepared to just let the site be offline while these guys spend their money attacking. We'll just chill and spend the extra time reporting their domains and bots. The difference is they don't get to read about it.

What the rest of our members can do is take extra time reporting. Report your spam emails to spamcop.net, so more of their IPs are blocklisted and more of their bots are disinfected. Fire up Complainterator and report domains and their nameservers to registrars. We are not some discrete target that can be shut down with a DDoS. We are our members, all over the world, and we're in it for the long term.

http://twitter.com/inboxrevenge
http://inboxrevenge.wordpress.com/
http://inboxrevenge.webs.com/
http://spamtrackers.org
http://inboxrevenge.spaces.live.com/