It's been a bit of a bumpy ride on the Dutch part of the internet over the last couple of days. One blog - www.geencommentaar.nl - decided to set up something I like to call a 'web 2.0 honeypot' in the form of a petition. The idea behind this was to attract the attention of the biggest blog in the Netherlands - www.geenstijl.nl - and get GeenStijl readers to comment. GeenCommentaar logged the IP addresses of users who made offensive comments on the blog and created a database. (A lot of the offensive comments came from GeenStijl users). Other bloggers could then check the database to see if a particular IP address had been tagged as offensive. Supposedly the idea behind this was to make life easy for other site/ blog owners, by offering an automatic way to filter out (probably) unwanted comments/ content. When GeenStijl realized what was happening, they responded with a vengeance by adding a piece of Javascript to their page. This meant when anyone visited the GeenStijl site, a random IP address was generated, and the GeenCommentaar database would be queried to see if the IP address had been tagged as offensive. All of this was done automatically and without visitors to the site knowing anything about it.
The result? GeenCommentaar's server couldn't handle the load; as well as GeenCommentaar getting hit, some other sites running on the same server were overloaded. In addition to the obvious ethical objections, both the parties involved are breaking the law.
BTW Kaspersky Lab added detection for this DDoS script as Trojan-Clicker.JS.Small.p .
If you want to read more about it
please look at my colleague Roel's comment at
Kaspersky Virus Analyst's Diary or read my own comments in Dutch at
webwereld.nlA lot of people seems not to think anymore about what seems to be good or bad on the internet. They just act and play like 'criminal' children without notice! Unbelievable!
Well ... at least their names are well chosen: no comment with no style.
<< Home