Presumably a spammer has taken his list and “cleaned” it against the blue list, then done a diff? Like I say, I’m amazed it’s taken so long.

Quite clearly this spammer has only sent this eMail to people that were already on his list and matched against a Blue Security hash. Thanks to JohnSolver for thie link to Blue Security’s response, their web-site is slow… Maybe a DoS by the same spammer to go along with the FUD?

One response to the body of the spammer’s text:

BlueSecurity lists a USA address as their place of business, whereas their main office is in Tel Aviv.

So what? Many Israeli technology companies incorporate in Delaware for taxation reasons. The next line is clearly defamatory with no real value:

BlueSecurity is run by a few Russian-born Jews, who have previously been spamming themselves.

Their heritage is beside the point. Also even had they were spammers previously, the spammer behind this eMail has no right to make anonymous accusations.

Bookmark to:

]]> http://www.rationalistic.com/2006/05/01/internet/more-on-blue-security-supposed-compromised/feed/ 0 http://www.rationalistic.com/2006/05/01/internet/blue-securitys-db-compromised/ http://www.rationalistic.com/2006/05/01/internet/blue-securitys-db-compromised/#comments Mon, 01 May 2006 19:18:00 +0000 Tal Rotbart http://www.rationalistic.com/?p=9 I just got the following by eMail, does anyone know how correct this is and whether it actually indicates a compromise of Blue Security’s eMail database?

From: GOLDEN HOLLINGSWORTH

You are being emailed because you are a user of BlueSecurity’s well-known software “BlueFrog.” http://www.bluesecurity.com/

Today, the BlueSecurity database became known to the worst spammers worldwide. Within 48 hours, the database will be published on the Internet, and your email address will be open to them all. After this, you will see the spam sent to your mailbox increase 10 – 20 fold.

BlueSecurity was illegally attacking email marketers, and doing so with your help. Many websites have been targeted and hit, including non-spam sites. BlueSecurity’s software has been fully analyzed, and contains an abundance of malicious code. This includes: ability to send mass mail to users; the ability to attack websites with Distributed Denial of Service attack (DDoS); the ability to open hidden doors on any machine on which it is running; and a hidden auto-update code function, which can install anything on your computer and open it up to anyone.

BlueSecurity lists a USA address as their place of business, whereas their main office is in Tel Aviv. BlueSecurity is run by a few Russian-born Jews, who have previously been spamming themselves. When all is said and done, they will be able to run, hide and change their identities, leaving you to take the fall. YOU CANNOT PARTICIPATE IN ILLEGAL ACTIVITIES and expect to get away with it. This email ensures that you are well aware of the situation. Soon, you will be found guilty of computer crimes such as DDOS attacking of websites, conspiracy, and sending mass unsolicited bulk email messages for everything from viagra to porn, as long as you continue to run BlueFrog.

They do not take money for downloading their software, they do not take money for removing emails from their lists, and they have no visible revenue stream. What they DO have is 500,000 computers sitting there awaiting their next command. What are they doing now?

1. Using your computer to send spam ?
2. Using your computer to attack competitor websites?
3. Phishing through your files for your identity and banking information?

If you think you can merely change your email address and be safe while still running BlueFrog, you are in for a big surprise. This is just the beginning…

Bookmark to:

]]> http://www.rationalistic.com/2006/05/01/internet/blue-securitys-db-compromised/feed/ 3