Want CNET to notify you of price drops and the latest stories?

Lycos Europe denies attack on zombie army

Defacement of "Make love not spam" site was a hoax, not a hack, the Internet portal says.

2 min read
Internet portal Lycos Europe has denied that its "Make love not spam" Web site was defaced by hackers last night.

The company said that an e-mail that contained an apparent mirror image of the Web site being hacked was a hoax generated by spammers.

"This is a hoax," said Malte Pollmann, director of communications services for Lycos Europe. "We have obviously reached our goal and are getting to the spammers. On our servers, we don't have any logs of an attack. No one was able to verify that."

Despite the company's assertions, the site was inaccessible for most of Wednesday, according to Internet analysis company Netcraft.

Additionally, the site was reported to have been inaccessible for some time Tuesday night, and an e-mail was sent to Finnish antivirus company F-Secure with what appeared to be a mirror image of a defacement of the site. The defacement read:

"Yes, attacking spammers is wrong. You know this, you shouldn't be doing it. Your IP address and request have been logged and will be reported to your ISP for further action."

Lycos Europe is a separate company from the Web portal that bears the Lycos name in the United States. Lycos Europe claims that it maintains roughly 40 million e-mail accounts in eight European countries.

Lycos Europe introduced its "Make love not spam" campaign, which offers users a screensaver that helps to launch something like distributed denial-of-service (DDoS) attacks on spammers' Web sites, this week. The company said the screensaver uses the idle processing power of a computer to slow down the response times from spammers' Web sites--much in the same way spammers use compromised PCs to distribute unsolicited e-mail messages.

But Lycos Europe also denied it was using denial-of-service attacks.

"I have to be very clear that it's not a denial-of-service attack," Pollmann said. "We slow the remaining bandwidth to 5 percent. It wouldn't be in our interests to (carry out DDoS attacks). It is to increase the cost of spamming. We have an interest to make this, economically, not more attractive."

Steve Linford, the director of international spam-fighting organization the SpamHaus Project, said that by attacking spammer bandwidth, Lycos could be attacking innocent users' bandwidth, too.

But Pollmann sidestepped that question. "We want to hit targeted bandwidth," he said. "We are selecting spammers from blacklists. We verify every address. Professional spammers run on very dedicated media."

On Tuesday, F-Secure warned users not to participate in Lycos' campaign because it might involve "possible legal problems."

Dan Ilett of ZDNet UK reported from London.