Opinion

The demise of Blue Security

There’s been a lot of media interest in the demise of Blue Security, the Israeli company which launched antispam campaigns in 2005. As a spam analyst, I’m also interested in the topic – I think that the criminalization of the Internet in the form of spam, hackers, and virus writers is often underestimated. Spammers, hackers and virus writers all have access to powerful technologies which pose a threat to Internet users. One example of this was the Blue Security case.

Kaspersky Lab doesn’t have data which lets us draw conclusions about the nationality of a spammer, and this makes it difficult for us to confirm the assertions issued by Blue Security representatives. However, Kaspersky Lab does have samples of threatening spam which was sent to Blue Security users.

It’s interesting that the wording of these samples seems to show the spammers justifying themselves, with the words ‘we don’t want to, but BlueSecurity is forcing us’.

The messages also included threats saying that the targets would effectively be subjected to a DoS attack: ‘you will end up recieving this message, or other nonsensical spams 20-40 times more than you would normally. How do you make it stop? Simple, in 48 hours, and every 48 hours thereafter, we will run our current list of BlueSecurity subscribers through BlueSecurity’s database, if you arent there.. you wont get this again’

I don’t think that any spam analyst was really surprised that Blue Security came to a sticky end. Of course, we’re not happy that the spammers appear to have won this round. But destabilizing sites if the site names are mentioned in spam is a very dubious tactic – it’s neither ethical nor really legitimate.

I think that the path Blue Security chose was more or less doomed, if not to failure, then at least to causing a lot of Internet users, not just spammers, to react negatively. Why go down this road at all? There are plenty of spam filters available on the market. And ultimately, spammers should be punished by law enforcement bodies in accordance with legislation. In my view, users taking matters into their own hands is an unacceptable form of vigilantism.
