Bobbear struck by distributed denial-of-service (DDoS) assault

IT security and control firm Sophos is reminding organisations about the dangers of cyberattacks as internet fraudsters launched an attempt to obliterate a website designed to fight online money laundering.

Bobbear is a British website designed to inform the internet community about websites set up by gangs to steal money from innocent web users through email scams and money mule operations.  Emails sent by the criminal gangs often claim to offer lucrative earnings to those recipients who agree to move money in and out of their bank accounts on behalf of a financial institution.

Sophos reports that the site is currently under fire from a distributed denial-of-service (DDoS) attack using compromised computers around the world.  The botnet is bombarding the website with traffic, effectively blasting it off the internet and making it impossible for legitimate visitors to reach the site.  Bobbear administrator Bob Harrison told Sophos that the botnet is "huge" with "over half a million recorded zombie hits from midnight to 8am today [17 November]."

"An attack like this is unfortunate news for the internet community, as it disrupts the dissemination of hundreds of pages of warnings about email frauds archived by Bob over the years," said Graham Cluley, senior technology consultant at Sophos. (pictured)  "It's appalling to see cybercriminals launch such a dirty attack on a voluntary organisation that is actually doing something positive to make the internet a safer place - it just goes to show how unscrupulous these crooks are.  The only consolation that Bobbear can take from this situation is that they must be having an impact on the fraudsters if they are prepared to go to such lengths to put the site out of operation."

Sophos experts note that this isn't the first time that the Bobbear website has been attacked by the very criminals it tries to educate the public about.  In October 2007, Sophos intercepted an email spam campaign which saw hackers attempt to tarnish Bobbear's reputation by asking for money to be donated to the website via online payment service e-Gold.

For more information on the attack, please visit Graham Cluley's blog at: www.sophos.com/blogs/gc/g/2008/11/17/ddos-attack

Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend against the threats of spam, hackers, spyware and viruses.