News Stay informed about the latest enterprise technology news and product updates.

Antispam crusade backfires; Blue Security shuts down

The move comes on the heels of a massive counterattack spammers launched against the company, knocking millions of Web sites offline in the process.

Blue Security Inc.'s unique battle against spam has backfired, leading to the demise of the company itself.

The Menlo Park, Calif.-based antispam company announced it is closing up shop. The decision comes on the heels of a massive denial-of-service attack spammers launched against the company a couple weeks ago, in retaliation for its aggressive spam-fighting tactics.

Blue Security had been having its 522,000 users fight back against the spammers by flooding them with simultaneous return e-mails, leading the spammers to counter-attack with the denial of service that crippled millions of other Web sites, including popular blog-host sites TypePad and LiveJournal.

Security Wire Weekly

In our most recent Security Wire Weekly podcast, analyst Mike Rothman breaks down the Blue Security controversy. Download the podcast here or subscribe to Security Wire Weekly here.
"It's clear to us that [quitting] would be the only thing to prevent a full-scale cyber-war that we just don't have the authority to start," CEO Eran Reshef told The Washington Post. "Our users never signed up for this kind of thing."

Blue Security has said the "sophisticated attacks" were orchestrated by a rogue cracker named PharmaMaster, carrying through on earlier threats to take down the company and the Internet if it didn't allow his spam to get through.

"The attacks started with a strike on the Internet backbone itself, causing the Blue Web site to become inaccessible to visitors outside Israel, while remaining available for Israeli visitors," Reshef said in a statement at the time. The company's research work had been performed in Israel.

The company had claimed PharmaMaster was bent on going after any site associated with it. "This attack caused five top-tier hosting providers in the U.S. and Canada, a major DNS provider and a popular blog site to go down for several hours," Reshef said in the earlier statement.

Also at the time, a security chief for Internet monitoring and routing analysis firm Renesys Corp. of Manchester, N.H., reported that Blue Security changed its DNS record to reroute traffic to its blog, hosted by San Francisco-based Six Apart Ltd.'s TypePad site. But, Renesys said, Blue Security never warned Six Apart about the 1 to 3 million packets per second hitting its servers, causing the sudden spike in bad traffic to overwhelmed the blog host and knock millions of TypePad and LiveJournal blogs offline for several hours.

As of 9 a.m. Wednesday morning, the Blue Security Web site was down. A message about the company's closure is expected to be posted on the site Wednesday.

Dig Deeper on Information security laws, investigations and ethics

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.