Hit by a TheGreatHatsby
Sun 31st May 2009, 10.01 pm
Interesting. I was just hit by a type of bot attack called a TheGreatHatsby. It intitiates a chat between two people by sending them both messages. It doesn't appear to have any kind of malicious intent, just a laugh on the part of the creators.
The "$optout" command removes you from their network.
(21:39:47) TenGallonCoho: Catholicism is for pussies.
(21:41:30) OwlofDoom: erm
(21:41:48) TenGallonCoho: i don't know an erm
(21:42:26) OwlofDoom: what?
(21:42:53) TenGallonCoho: i asked who this is and you said erm
(21:42:56) TenGallonCoho: and i said
(21:43:00) TenGallonCoho: i don't know anybody named erm
(21:43:03) TenGallonCoho: so bye
(21:43:07) OwlofDoom: who are you?
(21:43:16) TenGallonCoho: you talked to me remember?
(21:43:18) OwlofDoom: i just got a message from you saying "Catholicism is for pussies."
(21:43:20) OwlofDoom: no, i didn't
(21:43:30) TenGallonCoho: really?
(21:43:34) OwlofDoom: really
(21:43:45) TenGallonCoho: i got one from you saying "let's murder lady gaga together"
(21:43:48) TenGallonCoho: weird..
(21:44:03) OwlofDoom: I never got your "who is this?" message either
(21:44:13) OwlofDoom: very odd
(21:44:27) TenGallonCoho: oh well alright then...this has been sufficiently awkward ha.
(21:45:03) OwlofDoom: quite! wonder what sort of malware would conspire to get two people arguing with each other
(21:45:58) TenGallonCoho: ha yeah that i couldn't tell you, must be an interesting one though
(21:46:19) OwlofDoom: are you a windows user? have you checked your machine for spyware recently?
(21:46:33) TenGallonCoho: nope i have a mac
(21:46:40) OwlofDoom: even weirder - i'm on linux
(21:46:48) OwlofDoom: never heard of any significant malware for either
(21:47:03) TenGallonCoho: yeah same. that's super weird
(21:49:32) OwlofDoom: hmm i'm going to have to do some research on this now
(21:51:01) OwlofDoom: ah, TenGallonCoho isn't your username
(21:51:06) OwlofDoom: http://en.wikipedia.org/wiki/TheGreatHatsby#Coho_bots
(21:51:11) OwlofDoom: it's a bot proxy server thing
(21:54:04) OwlofDoom: $optout
(21:54:05) TenGallonCoho: OPERATOR: Are you sure you want to opt-out? If you do, you will never be contacted again on the account "owlofdoom". There is no way to opt back in and undo this.
If you are sure, type "$optout 2A52". Remember, this is permanent and irreversible!
(21:54:15) OwlofDoom: $optout 2A52
(21:54:16) TenGallonCoho: OPERATOR: You have opted out. The accout "owlofdoom" will never be contacted again. Good bye!
Feel free to email projectupstream@gmail.com with feedback, comments, complaints, etc.
So here's the question. It's definitely not spam. But is this sort of japery an invasion of my privacy? A denial of my data protection rights? Or should this sort of thing be condoned?
Tagged as: personal attack thegreathatsby coho bot spam malware aim
PigleT
on Mon 1st June 2009, 9.00 am
I'd look at it as a lightweight form of DoS. What it does is reduce the value of the account/protocol for you, (eg if you're normally open accept chat requests from strangers, you're more likely to batten down the hatches) and also risks causing the protocol-provider (yahoo, etc?) grief with user-complaints, etc.
