Consumer revenge site returns after DDoS attack

UK-based consumer finance website MoneySavingExpert.com was forced to pull most of its services over the weekend as a result of an ongoing denial of service attack. The site was hit at 1700 on Friday, hours before launching a high-profile campaign against insurance rip-offs. Services were largely restored by 1000 on Monday. …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Joke

    Heh...

    Bet they wish they had insurance against DDOS attacks!

  2. Anonymous Coward

    Any publicity is good publicity

    You can reclaim that bastard insurance crap they signed me up for?

    I'm there. When the site's back up that is.

    Thanks for bringing this site to my attention, hackers.

  3. Ralph B
    Stop

    Following the wrong money?

    Surely the DDoS attack is more likely to have been created by one of the several other PPI-mis-selling-claims-collecting companies that a Google listing shows up ... ?

  4. Tim Greening-Jackson

    No such thing as bad publicity

    "Any publicity is good publicity"

    By Anonymous Coward

    try telling that to Gary Glitter

  5. Anonymous Coward

    Damn...

    Egg tried to get me to take insurance on a loan I took out, but after I explained to them that under the self employed rules I'd have to declare myself bankrupt in order to claim, in which case they wouldn't get the loan repaid anyway and I wouldn't care, they backed down and gave me the loan without.

    If only I'd taken it out, I could've reclaimed!

  6. James Pickett

    Good

    "The assault might even draw wider attention to the issue"

    I do hope so! I was quoted a large sum for this recently, and after it became apparent that I wasn't interested, a new quote for about a third of the amount appeared. Didn't take that either. Bankers.

  7. An Unwashed Mass

    PPI

    I'm currently having an argument with Halifax over this exact issue... We were sold a single-premium (no longer allowed) policy with PPI... The PPI in question only covers me but not my partner... A fact we were only made aware of when I went to claim after she had to take 6 weeks off work with an injury

    After going into our local branch to have the PPI removed we were told we'd have to take out another loan and leave off the PPI... No real problem there until they told us that our 8.9% APR (high anyway) would mystically rise to 16.9% costing us an extra £1000 over the life of the loan (equating to a monthly payment increase of £3)

    Unbelievably, while they were giving us this 'wonderful' offer they tried to hard-sell a bank account to us... I think not!

    A quick word with the financial ombudsman is in order I think

  8. Someone

    Another possible enemy

    While no-one would think it was the banks, there are other less far-fetched possibilities. Someone in charge of one of the big banks’ PPI selling departments fearing for their job? One of the PPI reclaim companies hoping to drive trade their way? Even for those people, it would be as good a plan as trying to blackmail a member of the royal family. As for it being someone showing off... I can see it attracting about as much kudos in the hacking community as flooring a site like www.mcpriests.com.*

    I’m still putting my money on a forum thread that can be found in Google’s cache.

    http://64.233.183.104/search?q=cache:sMIj4JWsqW0J:forums.moneysavingexpert.com/showthread.html%3Fp%3D6660419

    I’ve been a long-time reader of the MSE forum, and have never seen someone make a direct warning like that. The forum software turns all typed URLs into usable links, so any reader clicking through them could have been making the presence of the warning nice and clear to the criminals. If you’re that criminal, a DDoS would be in character and within your means. Warnings have the potential to decrease the success of your scam, so taking the site down, if only for a few days, would be a logical step. As the thread was started late on Thursday, it would match the time of the attack.

    *I’m not saying Mr Lewis is in any way like Mother Teresa of Calcutta, but there are many forum posters who put in a large amount of time and effort, for no more reward than knowing they’re doing a good job.

  9. James Pickett

    @unwashed

    Go to the MSE site first. There are form letters there you can use directly - probably quicker than the Ombudsman, who is probably a bit busy right now...

  10. An Unwashed Mass

    @James

    Well, this is an avenue we will be taking as well as further direct contact with Halifax themselves

    I'm just wondering if there's any way I can cause them some pain and possibly prevent, or at least deter, them from trying it on other, potentially less savvy, customers

    That's not to say that I'm particularly savvy otherwise my loan would be housed elsewhere

  11. Stephen Meredith

    Shameless Plug

    MSE needs to contact Webscreen asap as Prolexic don't seem to be able to fix the problem

  12. Anonymous Coward

    @unwashed

    I worked for a car insurer for a brief time and we were told that it costs the company about £300 every time someone writes to the Ombudsman.

    Try to break this up into as many issues as possible and complain about each separately.

  13. An Unwashed Mass

    @Anonymous

    I *like* that idea

  14. Anonymous Coward
    Unhappy

    Get well soon MSE

    That site really is a great one. It's helped me to save lots of money on loads of things. I got £100 back from Halifax when they increased the Mortgage Exit Administration Fee by that amount in the 2 years between taking out the mortgage and switching to another provider. They shouldn't have charged more than was stated in the agreement when I took it out so they had to give it back! I may not have known I could claim this money without MSE.

  15. Anonymous Coward
    Pirate

    Banks ddos?

    I always thought of banks as being kind of staid, and set in their ways. I guess pirate financiers are about.

  16. Anonymous Coward

    They need to immediately contact IntruGuard and their ISP

    First they should have cloud-based DDoS mitigation from their ISP, so that the pipe doesn't get flooded. Then they should install a hardware-based DDoS mitigation such as one from IntruGuard. Software-based solutions cannot handle DDoS well. Cloud-based mitigation cannot totally solve the DDoS. The residual DDoS needs to be cleaned by hardware in the data center. Good luck. Two ISP links will help the situation.

  17. Douglas

    How to stop the zombies

    Most, if not all DDOS attacks come from Zombies, that were almost always compromised due to the PC owner's system being unsecure, or the user doing stupid things like opening attachments from people they don't know, not having a firewall or a filtering proxy, and not scanning for viruses.

    My proposal: create an international treaty, whereby all zombie IP addresses captured in a DDOS attack can be traced back to accounts at ISPs or corporates, and the owner of the PC in question either pays a nominal fine (about the same as a small speeding fine) or gets their IP blocked from Internet access for a week or two. Most of the proceeds of the fine should go to the affected parties to compensate them for loss of business.

    It is almost impossible to block a DDOS at the destination network, at least not without bogging down the equipment. We need to stop it as close as possible to the source.

    Making users liable for incidents involving their machines will give them a definite incentive to use and maintain them properly, or get someone else to do so if they are unable.

  18. Anonymous Coward

    Spooky...

    @Someone

    half an hour later, and that cache URL doesn't return anything.

    The original forum post is back up, but no obvious post...

    What was the nature of the warning you refer to?

  19. Steve Roper
    Thumb Up

    @ Douglas

    What a great idea - I'm with you on that one.

    Actually, what would be a good expansion of that idea would be to collect all the IP addresses involved in a DDoS attack and post them to your country's antiterrorist hotline with a note to the effect that these IPs were detected as participating in a cyberterrorist act. Getting a few of these click-anything numpties sent to Gitmo or at least listed on a terrorist register would be a fine incentive for making people more careful about what they allow to be installed on their computers... a neat way of exploiting oppressive pseudodemocracies to educate the masses with a big stick about the perils of responding to and thereby encouraging spam and scams!

    As the saying goes: No one raindrop believes it is responsible for the flood.
