Note from Fredric Rice: I have been involved in tracking, identifying, and killing Internet accounts with a large number of Internet Service Provicers who have been attacked by these individuals. The information that has been accumulated so far on the individuals performing these attacks will be released in a press release once we feel that we have as many cult followers to put up on criminal and civil charges as we want.

The individuals who do this don't seem to understand the technology they're abusing and because of it, we've managed to get the real names, telephone numbers, addresses, businesses, property owned, driver's licenses, social security numbers et al. from nearly all of these criminals.

From warrior@entheta.net Fri Feb 26 15:10:02 1999
Sporgery attacks from Netroplex accounts users

I'm posting this due to its relevance to the ongoing sporgeries being posted to ARS. Last fall I spoke with Netroplex policy manager Laurent Kim about the sporgery attack on ARS. During my telephone conversation with him, he indicated that he was very agreeable to receiving a friendly subpoena and would cooperate fully in turning over all information he has regarding the sporgers' accounts. (See paragraph 5 of the following article from http://detnews.com/1998/technology/9809/19/09190158.htm.)

Wired - Saturday, September 19, 1998

Religious sites targetted by Internet pranksters

SAN FRANCISCO -- Two unidentified women set up ISP accounts that were used in a three-day automated attack this week on religious Usenet computer bulletin board newsgroups. The attackers used familiar newsgroup member names in sending thousands of off-subject, often vulgar, posts to a number of alt.religion groups on the Internet.

Netroplex Internet Services, a small Los Angeles-based Internet service provider, disconnected the two accounts on this week after determining they were used to launch the attacks. The posts were likely generated by an automated program that collected posts from other newsgroups and sent them, en masse, to the alt.religion newsgroups. Generally, the posts weren't relevant to the newsgroup subjects, and many were laced with vulgarities and pornography.

Chris Caputo, president of Altopia Corp. -- the company that provides Netroplex with its newsfeed -- said more than 10,000 forged posts were sent from Netroplex accounts beginning late Sunday.

The forged notes continued at the rate of 8 to 20 posts a minute until early Wednesday, when Netroplex policy manager Laurent Kim disconnected the second of two accounts used to launch the attack.

"We found out who the users were," said Kim. "It was two different people who walked into our office, and paid cash for their accounts." Kim said that the individuals-both women-had given phony contact information. The first woman signed up with the ISP on 8 September and started sending forged articles on Sunday; the second obtained an account on Tuesday, and was disconnected a day later.

While the company is not looking into legal action, Kim said it will hand over Caller ID data from the dialup lines to any court of law that requests it. He stressed that his company is also a victim of the attack, because it has had to deal with the thousands of messages received from people around the world who are upset about the forgeries.

Since one or two people couldn't manually post all of the messages, Caputo suspects that the perpetrators wrote a program to do it. The forged articles had valid names and email addresses, and subject lines that looked appropriate for each group. But the body of each message contained an old news posting, often with pornographic content.

The spam attack prevented actual conversation on many newsgroups, since it was difficult to distinguish which of the messages were real. The forgeries could also come back to haunt the people whose identities were used on the postings. DejaNews, which provides a way to read and post to approximately 15,000 Usenet newsgroups, has a popular tool called "Author Profile" that displays a list of all articles that a user has posted, and may include some of the forged posts.

Most of the forged posts never made it to DejaNews' archives, according to David Wilson, the company's vice president of marketing. "We have several layers of spam filtering, and we caught several thousand of those things-actually, a few thousand at a time, from what I'm told," Wilson said.

According to Wilson, the company used a combination of technologies to rid their archive of spam. "I can't tell you how the filters work, because if I did, then whoever posted the forgeries would be able to find a workaround," Wilson said. "It's a cat-and-mouse game."

As for the inevitable remaining forgeries in the archive, Wilson said, "A user always has the ability to delete a message from the archive that was posted under their identity. And so if this forger posted something under someone else's identity, they can come to our site and nuke that article."

[Note: The URL for "nuking" spam at Deja News is: http://www.dejanews.com/forms/nuke.shtml]

[...snip...]

Copyright 1998, The Detroit News
===

Warrior
See http://www.entheta.net/entheta/1stpersn/warrior/

Click here for some additional truth about the Scientology crime syndicate: XENU.NET