Shoutbox

Hey

Recently there was a discussion here concerning the World Community Grid, where you donate your idle CPU time to assist in cancer research. I just thought I'd go ahead and show you guys something similar, only this time your bandwidth is put to use.

Behold: The Lad Vampire!

So what's this flashy picture page all about? Well, by viewing this webpage, you're basically stealing bandwidth from Nigerian fraudulents (most of them are Nigerian, anyway) who are running these so called fake banks and lotteries in order to steal money from innocent users. The Lad Vampire makes your browser continuously download pictures off these sites in an effort to overload their servers. Check out www.aa419.org for more information.

Be aware of the fact that this will consume all of your bandwidth (no low-priority download feature ), so you'll mostly just want to run the Vampire when you're afk. I've currently downloaded about 80,000 pictures since opening the page today, and it hasn't even been running for all that long.

//Zred

Cool...[F**k corrupts]..but i've only got 2gb of international bandwith...

whoa, first time i saw such an action to take out all those scammers. and that page really takes out all the bandwidth, LEDs flashing once i clicked on the link. and i got unlimited bandwidth

...now that's a dDoS attack
* andrey has a flatrate ...hmm...

Oh wait, it just uses up their bandwith....hmm...dDoS or not ?

Well...As Cookie convinced me that those actions are dDoS attacks I won't participate in this one.

that sounds like the program that target spammer sites which the sever got hacked which is metioned in the forum a while ago

lol nice ill leave it on for a while i can afford to waste 20gb on it

But, who verifies if their database is right? It would be really a shame if a good webpage receives an attack by mistake.

im sure they checked this against the victims. but i don't know, there might be a few mistakes here and there. is it possible to just hack the scammers' website?

quote:

---

Originally posted by AndreY
...now that's a dDoS attack
* AndreY has a flatrate ...hmm...


Oh wait, it just uses up their bandwith....hmm...dDoS or not ?

Well...As Cookie convinced me that those actions are dDoS attacks I won't participate in this one.

---

The difference is that this attack will attack websites only, not servers. So in this case other sites on the same server will not be affected (which was the case in the Lycos-attack)

quote:

---

Originally posted by FrozernFire
is it possible to just hack the scammers' website?

---

that is exactly what this does...

quote:

---

Originally posted by leito.gt
But, who verifies if their database is right? It would be really a shame if a good webpage receives an attack by mistake.

---

Indeed, and we all know how "accurate" such lists are (it wouldn't be the first time something has been listed as malicious while in fact it isn't)....

Even the sole fact that anyone can list any website to be attacked on that page is dangerous on its own.

A very small search revealed that there is already 1 problem: Companies for financial services don't nessecairly need to be authorised by FSA-type organisations to be genuine. Although it is of course very strongly adviced to only use financial institutes which are authorised by such organisations (because then you have a legal way in resolving conflicts and stuff)...

Also a financial institute can be autherised by one organisation, but not (yet) by the other, etc...

If the financial institute is authorised by such organisations, then you are certain that it is genuine. If it is not, then chances are great, but not 100%!!!!, that it isn't genuine...

note: this isn't a comment to say that such lists are rubbish, only that you need to be very carefull in dealing with such lists as on Lad Vampire and think of the consequences and don't believe anything just like that.

Just attacking those institutes can result in the site being taken down. So? The scammer can (and will) just continue with another site and by that time many people will have fallen in the trap again...

It is much better to report them to the authorities for many other reasons.
A) it will first be investigated properly to make sure
B) further activities of the scammers can be monitored/prevented
C) attacking sites isn't a (legal) punishment for those scammers, only an inconvenience. They aren't stopped by it
D) using attacks like this mostly results in internet bandwidth use. Despite in what you may believe the internet is getting slower and slower. Together with spammails, other useless/malicious attacks, etc..., all these types of bandwidth-use count for 90% of all internet traffic!! (The added and normal bandwidth use of the increasing number of people connecting to the net each year doesn't count as much in the total figur) This must be constantly compensated with adding more newer faster servers and network cables and costs heaps of money. In the end, you only harm yourself (and other people) with participating in such things
E) reporting it to the autorities makes the authorities aware that there might be/is a problem with international internet laws (or the lack of them). Just attacking like that will not result in anything being done to this kind of scams and problems (like other related stuff, eg: spam).


But Again, it speaks for itself that using financial institues which are not authorised is extremely risky. But it is another major big step to conclude that _all_ unauthorised institutes are _scams_ and should be attacked just like that.