DDOS Knocks Antispam Sites Offline

— -- Several antispam organizations have been targeted by an attempt to knock them offline, according to the SANS Institute.

SANS' Internet Storm Center (ISC) said a "pretty big" distributed denial of service (DDOS) offensive had targeted several high-profile organizations, including Spamhaus, SURBL (Spam URI Realtime Blocklists) and URIBL (Realtime URI Blacklist).

Rules Emporium, a site hosting rules for the open source SpamAssassin antispam program, was also offline, and may have been targeted as well, according to ISC handler Bojan Zdrnja.

As of Monday, Rules Emporium and URIBL were still not reachable, while Spamhaus and SURBL appeared to have recovered.

"It looks like some antispam groups managed to get the attack(s) under control, let's hope the things will stay that way," Zdrnja wrote.

Denial of service attacks are a routine risk for antispam groups, but the current attack is similar to those carried out against Blue Security just over a year ago using botnets controlled by the Storm malware, according to SANS. The attacks caused Blue Security to exit the antispam business.

The ISC's Zdrnja suggested that such attacks may be a good sign for the effectiveness of antispam tools.

"Spammers seem to be desperate when they launch DDOS attacks, otherwise they would just keep sending spam, instead of using their resources this way," he wrote.