Last week's denial-of-service attacks that brought social networking sites like Twitter and Facebook to their knees were "collateral damage" suffered when hackers attempted to stop a single blogger from getting his message out. And, instead of silencing him, the attacks have succeeded in propelling the blogger into the world spotlight.
Writing for McAfee Avert Labs, Dmitri Alperovitch says Twitter, LiveJournal, Facebook, YouTube and Fotki all have two things in common: they hosted an account from a pro-Georgian blogger, and they suffered denial-of-service attacks that brought some of them down.
The blogger, who goes by the nickname cyxymu (taken from Sukhumi, the capital of the pro-Russian republic of Abkhazia), claims to have fled from Abkhazia in 1993 during the republic’s war with Georgia.
"These sites all suffered a distributed denial-of-service (DDoS) attack, an attack that was able to take down Twitter for several hours and significantly slow down connectivity to Facebook," writes Alperovitch.
"Reportedly, the attack packets sent to the targeted social-media sites were requests to fetch the pages hosted for this user, who had just a few days ago blogged about the upcoming one-year anniversary of the war between Georgia and Russia."
McAfee has also detected a spam campaign that references the targeted blogs.
"We believe this campaign had a dual purpose," says Alperovitch. "On one hand, the attackers spoofed the email address of the blogger, which is hosted on Gmail, as the originator of the spam. As a result, the blogger’s inbox was flooded with out-of-office notifications and vacation bounces automatically sent by mail clients of people who had received this spam. This was likely part of an intimidation campaign designed to send a message to cyxymu about who was the real intended target of the DDoS.
"In addition, the spam contained links to the blogger’s sites, with the likely goal of bringing even more traffic to bear on the servers of those blogs than would already be caused by the DDoS."
Meanwhile, Twitter had to apologise to users yesterday as its site was again floundering under a DDoS attack. The good news is that it was back up and running in less than half an hour.