"The attacks started with a strike on the Internet backbone itself, causing the Blue Web site to become inaccessible to visitors outside Israel, while remaining available for Israeli visitors. How exactly this attack was carried out is still unresolved, but what is clear is that PharmaMaster boasted that it was he who was able to make a top-tier ISP's staff member to block Blue Security's former IP address (18.104.22.168) at the backbone routers."
In PharmaMaster's words (taken from ICQ sessions where PharmaMaster contacted Blue Security): 'Support (top-tier ISP's name withheld) says: Yes wont be a problem, I'll make sure to block all traffic to this domain very soon just get me reports, mate.'
Reshef continued, "Thirty minutes after Blue closed its Israeli site and posted a note on its blog site, PharmaMaster ruthlessly ordered a massive, sophisticated DDoS attack against any site associated with Blue. This attack caused five top-tier hosting providers in the U.S. and Canada, a major DNS provider and a popular blog site to go down for several hours."
PharmaMaster summarized the situation (excerpt from ICQ session): "you know Ii feel sorry for you and all the world 9000 servers (which) are down :-)"
According to Reshef, PharmaMaster also told Blue Security that if he can't send spam, there will be no Internet. He also said that he will do whatever it takes to continue his fight but acknowledged the power of the Blue Community.
PharmaMaster (excerpt from ICQ session): "Blue found the right solution to stop spam, and I can't let this continue."
Blue Security is working hard to restore its community-based anti-spam service to its members, and has already started contacting the relevant authorities. Blue Security is working closely with its service providers and partners to help resolve the problems and mitigate risk.