The Cannons Pointed At The PP Blog


EDITOR’S NOTE: The screen shot above is from the PP Blog during a spam wave. It was taken yesterday and shows that 13 of 18 “readers” at the Blog between 10:11 a.m. and 10:18 a.m. were using IPs that resolve to China. 

Many of you have heard the website of the New York Times was brought down two days ago. The Times still was having trouble yesterday, according to USA Today.

From USA Today (italics added):

The SEA, a group of hackers who support Syrian President Bashar Assad, claimed responsibility online and said it also hacked Twitter’s sites.

Although the mechanics (reported by Fox News to be a “spear phishing attack,” the subsequent theft of log-in details and DNS hijacking at the registrar level) of this week’s attack on the Times were different than the mechanics of various attacks directed at the PP Blog over the years, the result was the same: The loss (or the limiting of) the ability to report, educate, opine and, yes, generate the revenue needed to report, educate and opine in the coming hours, days, months and years.

Destroying or altering the functionality of websites that are the very embodiment of the free press is incompatible with Democracy, making the attack on the Times an attack on freedom itself.

The PP Blog encountered DDoS attacks (in 2010) that knocked the site offline for days. There have been follow-up traffic floods, including one in 2011 in which the Blog received a claim of responsibility from a “master of execution” purportedly from the HYIP sphere. The PP Blog went down twice over the past weekend. Both today and yesterday the Blog has been relentlessly targeted by what appears to bots whose IPs appear to originate in China.

Beyond the commonality of the IPs, the masters appear to be quite interested in scraping content snippets from other websites and repackaging it in bizarre fashion in apparent bids to sell designer goods that may not be the real thing. Put another way, apparent would-be capitalists who apparently have control of a wide range of Chinese IPs are entitling themselves to a free ride on the the bandwidth of the PP Blog in the United States and are trying to attract “customers” for goods that may or may not be original — while perhaps also setting the stage for “customers'” identities to be stolen or otherwise misused.

A spam the PP Blog received last night included a dateline that purported to be from the AP. Earlier in the day, the Blog received a spam that appeared to have been lifted from a 2011 AP report on the departure of Sheila Bair from the FDIC. Like most of the recent spam received by the Blog, these two appeared to be hawking designer goods — or maybe, just maybe, trying to dupe people into visiting websites designed to pick pockets in more clever ways.


The screen shot above reflects only a small sampling of the resources-draining spam received yesterday morning by the PP Blog. Each spam appears to have been assigned its own bogus individual Gmail address. The red rectangles on the right highlight the PP Blog stories (or links) targeted by the spammers/bot masters. Had the wave been strong enough to cripple the Blog, readers interested in accessing the stories/links would not have been able to do so. In fact, nothing on the Blog would have been accessible — as was the case for at least four hours this past weekend.


About the Author

5 Responses to “The Cannons Pointed At The PP Blog”

  1. You have my sympathy for having these problems, but attack on your site and attack on NY Times are apples and oranges. Those who attack your website are disgruntled HYIPers who hire some nerd on the black hacking market for 100-200 bucks. People who took down big websites are either sponsored by some country or well organized hacker groups.

  2. Quick note: As I type this at 3:46 p.m., a wave of IPs from several countries is trying unsuccessfully to spam this story:

    Countries include:

    Indonesia (1)
    China (4)
    Vietnam (1)
    Venezuela (3)
    United States (1)

    That wave left, and then a new IP from China arrived at 3:48 — seeking to spam this thread:

    The 3:48 IP from China has recorded 47 visits to the PP Blog.


  3. Boris: but attack on your site and attack on NY Times are apples and oranges.

    I understand the point you’re making, Boris. But the fact remains that the result is the same regardless of the motivation and the funding source: outages, perhaps even outages that occur just when the information is most needed, affecting both broad-based sites and niche sites.


  4. Quick note: As to the issue of whether all of these websites spamming “designer goods” are selling the real thing, it sometimes proves to be the case that merchandise offered for sale is counterfeit.

    This from the brick-and-mortar world yesterday in Maryland:


    Members of the Maryland State Police Criminal Enforcement Division served search warrants at the Cyberion store and the ST Tech Pros kiosk in Arundel Mills Mall, 7000 Arundel Mills Circle, Hanover, Md., on August 23, 2013. Troopers recovered hundreds of counterfeit Apple products being sold as authentic factory replacements.

    A partial list of recovered items includes:
    24 counterfeit iPhones;
    250 counterfeit iPhone colored fronts;
    213 counterfeit iPhone colored backings;
    128 sets of counterfeit colored cell phone conversion kits;
    121 counterfeit iPhone and iPad covers;
    27 counterfeit Apple product ID stickers;
    69 counterfeit iPad replacement screens;
    300+ various internal iPhone parts.
    Also recovered were counterfeit packaging materials, computer equipment used for the design and printing of the packaging material, and computer equipment believed to be used to clone phones.



  5. Some of those are probably rejects from the Apple factory, illegally “recycled”. :)