As Twitter struggled to return to normal Wednesday evening, a trickle of details suggested that the outage that left 30 million users unable to use the micro-blogging service for several hours - at least in part - may have been the result of a spam campaign that targeted a single user who vocally supports the Republic of Georgia …
Snafu Politics Sucks...
"Cyxymu has long been viewed as an antagonist by some pro-Russian supporters, who take issue with the blogger's coverage of recent military conflicts in Georgia."
Hmmm.... if such "attacks" are political in nature, does that excuse them and render the "attacker" free from the prosecution/persecution which would normally follow a regular Joe Sixpack sortie?
...the power of idiots in numbers. This is ingenious, and likely to be repeated due to its success. Botnets no longer have to be the direct source of a DDoS, just the spams, giving them one step of separation from their intended victims and therefore more difficult to detect and shut down.
Paris, never to be underestimated.
they could have just posted those links in a slashdot "article" and then used their spambots to do something more useful?
Like flogging Viagra?
And 30 million people DIDN'T die!
Loss of Facebook and Twitter?
Well that means that it will have had no effect on anyone over the age of 15 then will it!
To paraphrase, there is a price to be paid for that freedom to always be on and always open and ready for business, eternal vigilance!
Just 'cos 99.9% of the "Twatter" and "Face-ache" users live in a fluffy, rose-tinted, happy-go-lucky, ickle world where nothing nasty happens, I'm afraid those of us who grew up with BBS and the birth of the "public" use internet, know that the scum are out there "da tubes" just as much as they are lurking in the dark spot, in the local train carpark at midnight!
@Moss Icely Spaceport re. Twitter down?
"And 30 million people DIDN'T die!"
No, but they were severely traumatised and will need to spend lots of time tweeting about it as part of their recovery process. Be kind to them, for a little while.
Is this the end of the world?
"......left 30 million users unable to use the micro-blogging service for several hours....."
<Battery Sergeant-Major Williams>
Oh dear, how sad, never mind.
I thought JoeJobbing was when spammers used a fake sender's address in a domain that you happened to own (it has happened to me, and some of my friends). This results in all the bounces from the spam hitting you, along with a few uninformed complainers asking you to stop sending them spam...
Joejobs are what ?
quote: "Joejobs are spam messages that are designed not to push Viagra but to induce someone to click on a link in the hopes of harming the site being linked to."
Erm, not quite... a joejob is an email with a forged sender address, originally meant to tarnish the reputation of the supposed sender, and ensure that bounces and complaints didn;t chew up the bandwidth of the spammer.
What you're describing sounds more like a form of DDoS
Knowing there are /that/ many idiots in the world doesn't make me feel a whole lot better (who wants to live in a world with that many idiots in it?), but it does make me think that idiots are a force to be reckoned with.
A force of great stupidity, true, but a force nonetheless.
... a site that can serve 30 million people (plus *visitors*).... was taken down because too many people were visiting it?!
any way, a bot can be modified so that instead of sending SMTP packets... it will instead send and receive HTTP packets (which it will drop).
Re: Never underestimate
Of course, Cyxymu's websites are all now getting hammered by readers of the Register, who'd never heard of him until now. Ah the wisdom of crowds.
@Moss Icely Spaceport
Of course they didn't die - they'd not have been able to tell us about it :)
That, plus they have no lives to start with ;)
RE: Snafu Politics Sucks...
"Hmmm.... if such "attacks" are political in nature, does that excuse them and render the "attacker" free from the prosecution/persecution which would normally follow a regular Joe Sixpack sortie?"
I'm not sure that's a relevant question -- if the attack was for the reasons suggested it's possible that the Russian government/military/whatever are behind it. Somehow I doubt that they'll be prosecuted if it is...
Can't they just block all requests to view this guy's profile, for a few days?
Twitter is still struggling today, they really don't know how to handle this, do they.
I don't know where to shout my pithy statements, so I'll have to do it here for a while, sorry.
Twitter down (2) ?
I tried to Tweet it, but couldn't ;-)
Quite a lot of idiots out there then
What really scares me about this story is the number of people who will click on a link in SPAM.
@Goat Jim: Presumably these users' boxes are already on one or more botnets already.
Christ on a bike how many idiots are there out there, sigh.
Mines the one with the LART sticking out of the pocket
I felt a great disturbance in the Force...
... as if millions of moron voices suddenly cried out in terror and were suddenly silenced. I fear something wonderful has happened. Twitter's down.
Twats @ twitter
so, Twitter can't cope with popular people? Just as well I don't start one else Twitter (and probably the whole internet) would collapse under my followers !!!!!!!!
Russia needs to grow up and get over it
What with this and targeted attacks on the baltics states in the last few years it rather shows a country that is insecure , adolescent in its approach to world affairs and just can't accept that the bolshevik revolution is over and the eastern europe that did not want to be part of a greater russia under the heal of the Bear is now free. The world moves on , russia needs to move on with it or get left behind licking its wounds and pretending its still the 1960s.
Maybe facebook et al can suspend/terminate the accounts of people who followed the e-mail links, on the basis that they're too stupid to use the internet. Then again, they're probably exactly the sort of people their advertisers want ('make cash fast posting links on the internet' etc.)
Can we have a 'stupid people' icon of some sort?
Was it Wednesday or Thursday? I thought it was yesterday evening (and still this morning) that I was having trouble posting to twitter. I know that the US is behind (time zones people, time zones) but I didn't realise that they were that far behind.
I Don't Believe It !
""This was a joejob where people were just clicking on links in email and the people clicking on the links were not malefactors"
So just how many people clicked on such links ? Obviously enough to cause Twitter to come crashing to its knees.
Idiots in large numbers?!
So, enough people clicked on an unsolicited link in a spam email to bring a website down.
That's... worrying. Beware of idiots in large numbers indeed! Apparently the advice not to click on links in spam emails goes in one ear and strait out of the other one.
Cyxymu remember that name!
"It was a simultaneous attack across a number of properties targeting him to keep his voice from being heard,"
Well really, now everyone has heard of him, I think I'll go read his tweets. :)
The links that are spread in the spam could link to a server. That just refreshes the iframe linking to twitter fb etc.
Using more bandwith per user.e
For just a few hours yesterday.
International literary standards rose for a few hours. Coincidence? I wouldn't want to bet against it...
Twitter is down, time to panic.
How will we tell everyone its broken. We could tweet it...
I didn't even notice it dying. Reading the inane goings on of various people does not appeal to me.
And on top of everything they have promoted the chap involved. (unless he is pretending its the people who don't like him)
"What with this and targeted attacks on the baltics states in the last few years it rather shows a country that is insecure , adolescent in its approach to world affairs and just can't accept that the bolshevik revolution is over and the eastern europe that did not want to be part of a greater russia under the heal of the Bear is now free. The world moves on , russia needs to move on with it or get left behind licking its wounds and pretending its still the 1960s."
Or it could just show that the Russian government is one of the first to truly understand and 'weaponise' cyberspace, as shown by the coordinated but allegedly unofficial attacks that downed Georgian government sites during the 2008 Russo-Georgian War.
After all, the US policy of encircling Russia was hardly the sign of a country willing to move on, was it?
And by golly, hasn't the US government been trying to set up some sort of unified cybercommand?
I for one wish to welcome our Cyrillic-scripted overlords for just as long as it takes to find alternatives to (or alternative sources of) the oil and gas supplies that Europe depends on Russian goodwill to avoid freezing it's collective ass off in the winter...
Is the implication here that someone tried to "Silence" a bloger /twitterer and his/her views by sending spam to millions of people that directed them directly to their blog/twitter/facebook account?
Seem like a bloody stupid way of making his/her opinions disapear.
What a waste of bandwidth.
Noone gives a shit about the 140 character waffle of the brain dead.
Twitter - FFS!
(stupid person + computer) * large number = CHAOS!
Peter2: "So, enough people clicked on an unsolicited link in a spam email to bring a website down"
Steve Mills: "Seem like a bloody stupid way of making his/her opinions disapear."
It would be if the opinions were hosted somewhere that could survive the onslaught of spam-email-link-clicking idiots.
But this was *Twitter* we're talking about, so the bar to making this happen isn't exactly set high. There's a reason why the "Fail Whale" is so iconic...
Then again Steve does have a point, I hadn't heard of the guy before this all happened. Now I have. Lots of collateral damage, major news coverage, tons of publicity for their target as a result. Way to go, idiot Russkies.
Since botnet isn't an appropriate term for this sort of attack vector, how about we call it a "meatnet"?
that tweets concerning the current service level of Twitter will bring Twitter to it's knees for the next week or so.
And... really, who the fuck cares anyway?
What's in a name
For what it's worth, "Cyxymu" is a pretty close approximation to the Cyrillic characters that spell "Sukhuti"--a name that turns up fairly often in that part of the world. It's a reasonable guess that that's the perpetrator's real name.
Perhaps it was not the Russkies ...
... but Cyxymu's supporters? If fhe Russkies really wanted Cyxymu silent, I'm sure there are plenty of people who can, for a pittance, ensure that s/he has an "unfortunate accident" without risking the Streisand effect.
Am surprised that Twitter's infrastructure fell over, though, since I *thought* its sole raison d'etre was to enable swarms of monkeymass to follow the bleatings of whoever cares to post. (See http://www.despair.com/idiocy.html)
Re: Idiots in large numbers?!
Ah, no. It would only be worrying were Twitter's percentage of fuckwits dumb enough to click on link spam representative of the online population as a whole.
Presumably the reason the soviet wannabes went to Twitter for their meatnet* nodes was 'cos they'd already done the research to prove that it really did have all the world's drooling idiots online handily colocated for them. I like to think so anyway, it cheers me up.
*Thank you Paul. I second that.
- +Comment Trips to Mars may be OFF: The SUN has changed in a way we've NEVER SEEN
- Vid Google opens Inbox – email for people too stupid to use email
- Back to the ... drawing board: 'Hoverboard' will disappoint Marty McFly wannabes
- Pic Forget the $2499 5K iMac – today we reveal Apple's most expensive computer to date
- Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...