"You better f*** off SANS.org, especially that Johannes Ullrich (his email and phone number) and Kevin Hong (his email and phone number)," the message said, according to a post today on the organisation’s blog. "I really don’t have anything against you, just piss off alright?"
Ullrich, chief research officer of the SANS Institute, told SCMagazine.com today that the tone of the message suggests the author is not a professional.
He thinks the culprit behind the zombie spam is someone SANS recently reported to a DNS provider, telling the company the spammer was using its server to control botnets.
Ullrich assumed the message was meant as a retaliation – but he wasn't offended.
"I take it somewhat as confirmation that we’re right on track here [with stopping spammers]," he said.
SANS is not the only organisation that has been on the receiving side of cybercrooks’ wrath lately.
DoS attacks have hit online security and privacy volunteer community site CastleCops for the last couple of weeks.
"Someone isn’t happy we’re up and running," said a blog on the site.
So far, SANS has not been impacted by DoS attacks, but the organisation wouldn’t be surprised if it happens soon.
That is why handler Jason Lam today reminded readers of the site’s emergency URL:
http://iscems.dshield.org/index.txt.
SANS Institute threatened in zombie spam message
By
Dan Kaplan
on
Feb 26, 2007 5:27AM
The US SANS Internet Storm Center on Thursday received a malware sample that contained code with a not-so-endearing message for the organisation.
Got a news tip for our journalists? Share it with us anonymously here.