Home / News

Massive Cyberattack Aimed at Flooding .Gov Email Inboxes With Subscription Requests

“Massive Email Bombs Target .Gov Addresses,” Brian Krebs writes in Krebs on Security: “Over the weekend, unknown assailants launched a massive cyber attack aimed at flooding targeted dot-gov (.gov) email inboxes with subscription requests to thousands of email lists. According to experts, the attack—designed to render the targeted inboxes useless for a period of time—was successful largely thanks to the staggering number of email newsletters that don’t take the basic step of validating new signup requests.”

Steve Linford, CEO of Spamhaus further explanis: “This incident involved a large number of government addresses belonging to various countries being subscribed to very large numbers of lists in a very short space of time by scripts run by the attacker(s). Most of the lists hit by the attack used COI and therefore only sent confirmation requests and did not subscribe any addresses. The attack undoubtably also hit lists which used Captcha in addition to COI and thus did not even proceed to COI (those list admins deserve some sort of community ‘hi 5’ award, since one can imagine how hard it is to convince one’s management to implement COI let alone put Captcha in front of it). The issue is the badly-run ‘open’ lists which happily subscribed every address without any consent verification and which now continue as participants in the list-bombing of government addresses.”

Krebs was also the target of this subscription attack and writes about it based on his first-hand experience: “At approximately 9:00 a.m. ET on Saturday, KrebsOnSecurity’s inbox began filling up with new newsletter subscriptions. The emails came in at a rate of about one new message every 2-3 seconds. By the time I’d finished deleting and unsubscribing from the first page of requests, there would be another page or two of new newsletter-related emails. For most of the weekend until I got things under semi-control, my Gmail account was basically useless.”

Laura Atkins in her report on the incident on Monday said, “this should be a major wakeup call for ESPs and senders.” ... “Internet harassment seems to be a bigger and bigger issue. I don’t know if it’s because people are being more open about harassment or if it’s actually more common. In either case, it is the responsibility of networks to minimize the harassment. If your network is a conduit for harassment, you need to do something to stop it.”

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

Threat Intelligence

Sponsored byWhoisXML API

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign