Hacked FreeWebStuff Site Still Offline, May Not Return

[William Knowles <wk () C4I ORG>]

http://www.newsbytes.com/pubNews/00/153944.html

By Michael Bartlett, Newsbytes
SAN JOSE, CALIFORNIA, U.S.A.,
21 Aug 2000, 1:10 PM CST

FreeWebStuff.Com, Inc., the "get-paid-to-surf" Internet company that
became so infiltrated by hackers it was forced to take its site down
on July 10, may be offline permanently.

"We would love to relaunch the site, if we had a partner to bring in
security or to help share the risk," said FreeWebStuff.com
spokesperson Bill Johnson. "But as of this weekend, the company made
the decision to pull out and try to sell the domain name."

As previously reported by Newsbytes, after nine months of development,
the FreeWebStuff Web site was launched on June 5. One month later, the
company discovered that 90 percent of its 65,000 sign-ups were bogus.

"We could catch fake sign-ups when there were just a few per day by
running various tests," explained Johnson. "But we started getting
thousands of fakes a day - one day we had 4,500 in a 24-hour period
and that just overwhelmed us."

Johnson said that FreeWebStuff.com did not check identity at the time
of sign-up, and that left a loophole that allowed individuals bent on
fraud to create multiple identities. Johnson suspects one person might
have had up to 2,000 identities.

After the rampant cheating was discovered, the company tried different
means to plug the holes in its security walls. "We offered an amnesty
program," said Johnson. "When we discovered people that were
defrauding us, we contacted them and told them if they gave us
information, we would not turn them over for prosecution by the
federal government."

FreeWebStuff.com also attempted to fight back by hiring three hackers
as security consultants, but ultimately, the company decided it could
not trust the hackers in the long run.

"The good news is, we realized early on that there was an
insurmountable problem," Johnson said. "We did not want fake growth.
We were not going to tell our investors that we had 65,000 subscribers
when we knew the number was not real. We have integrity."

The company is now looking to sell the FreeWebStuff.com domain name to
allow it to recoup part of its investment. According to Johnson, there
is no current asking price, but all offers are being considered.

More information on FreeWebStuff.com can be found at
http://www.extremetargeting.com .


*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*

ISN is hosted by SecurityFocus.com
---
To unsubscribe email LISTSERV () SecurityFocus com with a message body of
"SIGNOFF ISN".