Fw: Google Usenet Abuse Complaint - Spam Denial of Service Attack

[Syber Shock]

From: "sybershock.com" <ad...@sybershock.com>
To: networ...@google.com
Cc: ab...@google.com, abuseco...@markmonitor.com
Subject: Usenet Abuse Complaint - Spam Denial of Service Attack
Date: Thu, 14 Sep 2023 15:29:59 -0500

Since 8/31 the last 10000 messages I polled from Usenet group
'sci.crypt' are mostly automated spam originating with google path
headers.

Only 44 messages were found that are not spam. This means that roughly
99.56% of all messages in the group are spam originating with google
servers.

This flood attack has persisted for months.

Please put an end to this flood attack.

Google groups users have been running a long-term spam flood attack on
newsgroup 'sci.crypt' for a long time. This spam flood is causing a
sustained denial of service attack on the group. The google groups
service is enabling a months-long denial of service attack to persist.

The attackers are flooding thousands of spam messages into the
newsgroup. In the last two weeks it appears they spammers have flooded
at least 10,000 messages into the newsgroup.

This spam attack of thousands of spam messages has rendered the Usenet
group unusable. It is not feasible to filter out these many spam
messages by sender names. The nymshifters just keep nymshifting and
their flood continues unabated. This is just so far beyond ridiculous
that I have no words for it.

The messages are for illegal pharmaceutical sales and bitcoin scams,
illegal blackhat services and similar garbage. They are not legitimate
messages. They are not 'protected speech'.

Please analyze the flood of spam in 'sci.crypt' and terminate the
offending accounts. The only right action against these network abusers
is outright account termination. Please also note that many of the spam
ads advertise drugs and illegal computer penetration services which may
violate laws in jurisdictions involved.

Please in the future severely throttle all user posts to the
group sci.crypt and Usenet in general. It seems cheap and easy for
spammers to utilize google services as a vector for DDoS spamming
against Usenet. Long-time users of the group, 'sci.crypt' are either
being denied service, or severely annoyed by the endless flood of spam.

In the time it took me to write this short email dozens more spam
messages have flooded the newsgroup. Almost all of those messages
originate from google services in the Path headers. This flood attack
is ongoing 24/7 and is clearly an automated attack and it must be
stopped.

I also request that google post nocem and cancel messages for the last
50 thousand or so sci.crypt spam posts originating from google servers.
Please clean up the mess.

Thank you for your attention to this matter. I look forward to a valid
response indicating action to resolve this matter.

--
SugarBug | https://sybershock.com | NNTP | Usenet | Forum
Fediverse | https://syfershock.com/users/syfershock
NightBulb | https://nightbulb.net | Flip the night switch.

[Syber Shock]

I am starting this thread to document complaints to Google to resolve
the tsunami of Usenet spam originating with their servers. The spam
flood attack has persisted for a very long time.

Since 8/31 the last 10000 messages I polled from Usenet group
'sci.crypt' are mostly automated spam originating with google path
headers.

Only 44 messages were found that are not spam. This means that roughly
99.56% of all messages in the group are spam originating with google
servers.

I suggest others file abuse complaints with Google, then post copies of
those complaints as follow-ups to this thread in news.admin.peering.
This way we can document efforts to request Google cease enabling the
spam abuse.

[Syber Shock]

I notified Hacker News.

https://news.ycombinator.com/item?id=37514999

Maybe someone there might know someone who knows someone ...

[Syber Shock]

Via fediverse: https://syfershock.com/notice/AZlzdB0gaxGseGDHuK

@arste...@mastodon.social
@there...@geeknews.chat

At over 40 years old, Usenet is the oldest sharing network in
continuous operation. Today Usenet is under sustained attack from
malicious spammers and con artists. Most newsgroup charters prohibit
commercial advertisement or solicitation. Yet the upstream providers do
nothing to block such messages. What's worse, the services advertised
in many of the spam messages are illegal and fraudulent.

Maybe some investigators at the tech zines might want to inquire why
Google News has allowed a massive tsunami of illegal drug sales,
bitcoin fraud, and illegal blackhat services spam to flood Usenet
newsgroups?

The spam is so voluminous that newsgroup 'sci.crypt' has virtually been
rendered inaccessible by spam DDoS. Some usenet reader softwares don't
have the filtering facility to weed out all the garbage.

All my prior abuse complaints to Google and other major Usenet
providers have not been addressed or resolved. Therefore from now
onward I will be documenting them on Usenet. We want our sci.crypt back
from the malicious spammers and the Usenet providers that enable them
to operate with impunity.

If you know anyone who investigates and reports on this kind of stuff
please alert them. Maybe a little bit of attention will spur resolute
action.

I hope for an outcome of 100% elimination of all the drug, fraud,
blackhat, and DDoS spam and measures taken to prevent any repeat in the
future. Any Usenet provider that claims they shouldn't need to prevent
spam shouldn't be running a NNTP server peered to Usenet.

https://sybershock.com/forum/random/article-flat.php?id=383&group=news.admin.peering#383

[Syber Shock]

Re: Google Usenet Abuse Complaint - Spam Denial of Service Attack

I found a better newsgroup for this topic. I am going to move all
future posts for this discussion to newsgroup:

news.admin.net-abuse.usenet

... since that group is specifically for this subject.

Subscribe to that news.admin.net-abuse.usenet to follow the new thread
with the same subject. To save clutter and noise in the peering group
please follow up in the new group only.

There you may also view prior threads about the Google spam.

[Rich]

In sci.crypt Syber Shock <ad...@sybershock.com> wrote:
> I am starting this thread to document complaints to Google to resolve
> the tsunami of Usenet spam originating with their servers. The spam
> flood attack has persisted for a very long time.

It appears that somewhere among your broadcasting this issue that
someone at google took notice and finally did something.

The spam torrent seems to (for now) have stopped.

[Retro Guy]

It may be that your provider is modifying filters and catching most of it. I have been doing so at i2pn2.org and it would appear to a user that the flood has stopped here, but it has not.

Looking at paganini.bofh.team, I see at least 3,000 new messages (spam) coming in over the last 16 hours or so in sci.crypt.

[Rich]

Ok, Eternal September did not receive 3k messages in the last 16 hours,
so this looks like ES doing some filtering of the google firehose of
spam.

So all are asleep at google, as usual.

[Retro Guy]

On Mon, 18 Sep 2023 15:29:27 -0000 (UTC)

Sounds like E-S is doing a good job!

> So all are asleep at google, as usual.

That's google for you. Try to send email to gmail and they treat you like a scammer. I know, I've been blocked (my mail server), and I used to need to tell clients that since they provided me a gmail address, they may never see the stuff I need to send them from a (big) company address.

Then, they (google) are the number one source of spam on Usenet, but they don't care.


--
Retro Guy <retr...@novabbs.org>

[Peter Pearson]

I can confirm that the flood from Google continues. In the
past 3 hours, 204 new spam messages from GoogleGroups have
shown up on sci.crypt as provided by my provider, individual.net.


--
To email me, substitute nowhere->runbox, invalid->com.

[Syber Shock]

On Mon, 18 Sep 2023 14:35:32 -0000 (UTC)
Rich <ri...@example.invalid> wrote:

Complaints got through the grapevine. Now may the spam stay stopped.

Knock on wood.

--
38...@sugar.bug | web: sybershock.com | news: alt.sources.crypto

[Retro Guy]

There have been 26 new spam messages from google groups since you posted this.

It's just being filtered here. Also on eternal september.

[Syber Shock]

On 18 Sep 2023 17:38:41 GMT
Peter Pearson <pkpe...@nowhere.invalid> wrote:

<snip>

> I can confirm that the flood from Google continues. In the
> past 3 hours, 204 new spam messages from GoogleGroups have
> shown up on sci.crypt as provided by my provider, individual.net.

You could file an abuse complaint with individual.net and ask that
they block Google until Google resolves the spam. If they refuse to
remediate you can then post about it here to add to the record.

[Rich]

Confirmation then that ES has turned on some form of spam filter for
the group.

The only posts that have arrived from ES have been us discussing
things.

[Phil Carmody]

Retro Guy <retr...@novabbs.org> writes:
> On Mon, 18 Sep 2023 15:29:27 -0000 (UTC)
> Rich <ri...@example.invalid> wrote:
>
>> Retro Guy <retr...@novabbs.org> wrote:
>> > On Mon, 18 Sep 2023 14:35:32 -0000 (UTC)
>> > Rich <ri...@example.invalid> wrote:
>> >
>> >> In sci.crypt Syber Shock <ad...@sybershock.com> wrote:
>> >> > I am starting this thread to document complaints to Google to resolve
>> >> > the tsunami of Usenet spam originating with their servers. The spam
>> >> > flood attack has persisted for a very long time.
>> >>
>> >> It appears that somewhere among your broadcasting this issue that
>> >> someone at google took notice and finally did something.
>> >>
>> >> The spam torrent seems to (for now) have stopped.
>> >
>> > It may be that your provider is modifying filters and catching most
>> > of it. I have been doing so at i2pn2.org and it would appear to a
>> > user that the flood has stopped here, but it has not.
>> >
>> > Looking at paganini.bofh.team, I see at least 3,000 new messages
>> > (spam) coming in over the last 16 hours or so in sci.crypt.
>>
>> Ok, Eternal September did not receive 3k messages in the last 16 hours,
>> so this looks like ES doing some filtering of the google firehose of
>> spam.
>
> Sounds like E-S is doing a good job!

They took their time, but eventually is far better than never.

>> So all are asleep at google, as usual.
>
> That's google for you. Try to send email to gmail and they treat you
> like a scammer. I know, I've been blocked (my mail server), and I used
> to need to tell clients that since they provided me a gmail address,
> they may never see the stuff I need to send them from a (big) company
> address.
>
> Then, they (google) are the number one source of spam on Usenet, but they don't care.

Indeed. However, google groups have been making some changes in the last
few days. In some other groups, some GG posters have had their posting
names mangled against their will to being just the newsgroup name.
In groups with several GG posters, that's made things very complicated,
as they all superficially looked alike.

So one is led to believe that not only do they don't employ people who
can write code, but they don't employ testers either. Or everyone's
completely incompetent. No evidence to contradict that yet.

Phil
--
We are no longer hunters and nomads. No longer awed and frightened, as we have
gained some understanding of the world in which we live. As such, we can cast
aside childish remnants from the dawn of our civilization.
-- NotSanguine on SoylentNews, after Eugen Weber in /The Western Tradition/

[Cherry Roberts]

RECOVERY OF LOST FUNDS (BINARY OPTIONS, BITCOINS, LOAN SCAM).
THINGS YOU NEED TO KNOW ABOUT THE SWIFT FOX CODER , hiring a professional cyber security agency has been one of the world most technical valued navigating information. High prolific information and Privileges comes rare as it has been understood that what people do not see, they will never know.
Welcome to the SWIFTFOX CODER agency where every request concerning lost funds are recovered within a short period of time.
The crucial benefit of contacting The Pinnacle Financials recovery company is
• ZERO TRACES: After a successful penetration recovery is carried out by the SWIFT FOX CODER, no active or passive attacks will be used to trace any of our actions to our clients or our organization. One common practice that attackers employ to evade detection is to break into poorly secured systems and use those hijacked systems as proxies through which they can launch and route attacks. Attackers effort on this platform are useless because we use a strong proxy firewall switching and a firm security system to prevent unauthorized bodies from tracking or modifying our network accessible resources. I.e the hacker and clients are 100% safe and anonymous.
WEBSITE : https://swiftfoxcoder.wixsite.com/website
EMAIL : recoveryexpert @ swiftfoxcoder. tech
ADVANTAGE TO CLIENTS:
after helping a client recover all money lost to fraudulent practices, most of this clients comes back requesting we provide the same service in disguise as another person. We found a way to issue serial Numbers to each clients who seeks our help and services for identification purposes because we are not interested in you
r names nor location. But we urge that individuals shouldn't abuse this opportunities as we have provided value to you.
However, on this platform of recovery, you will be assigned to a designated professional recovery platform who is systematically known for operating on a dark web protocol. The operation of these hackers is to potentially deploy a distinguished cyber security technique to retrieving back the victims stolen funds via the application of a diverse CM breacher which enables you to track the data location of a scammer and extract every data on the con database. This is achieved using the systematic courier tracking method.
Which of the uneasy situation do you find yourself in right now?
(BITCOIN INVESTMENTS, BINARY OPTIONS OR LOAN SCAM?
This shocking study points to one harsh reality we all faced with today. It saddens our mind when a client expresses annoyance or dissatisfaction of unethical behaviors of scammers. We have striven to make tenacious efforts to help those who are victims of this fleas get off their traumatic feeling of loss

* HACK INTO WHATSAPP, FACEBOOK, EMAIL BOX, INSTAGRAM, TEXT MESSAGES ETC.
> * GENERAL PHONE HACKING AND SPY,
> * RECOVER YOUR MONEY FROM SCAMMERS.
> * FREE BITCOIN LOADING AND PAYPAL LOADING, WE SHARE ON %.
> * MOBILE PHONE MONITOR/HACK.
> * HACK, UPGRADE AND CHANGE UNIVERSITY GRADES.
> * HACK INTO ANY BANK WEBSITE AND TRANSFER MONEY.
> * HACK INTO ANY COMPANY WEBSITE DATABASE.
> * HACK INTO ANY GOVERNMENT AGENCY WEBSITE DATABASE.
> * HACK INTO ANY DATABASE SYSTEM AND GRANT YOU ADMIN PRIVILEGES.
> * WIPE CRIMINAL RECORDS FROM ALL DATABASE
> * BUY HACKED PAYPAL ACCOUNT.
> * HACK WORDPRESS BLOGS.
> * SERVER CRASHED HACK.
> * BUY VERIFIED AND GENUINE INTERNATIONAL PASSPORT OF ANY COUNTRIES OF YOUR CHOICE.
> * WE HELP WITH MONEY LAUNDERING TO ANY COUNTRIES.
> * Untraceable IP

WEBSITE : https://swiftfoxcoder.wixsite.com/website
EMAIL : recoveryexpert @ swiftfoxcoder. tech
WEBSITE : https://swiftfoxcoder.wixsite.com/website
EMAIL : recoveryexpert @ swiftfoxcoder. tech
TELEGRAM : TECHFOX99

[Retro Guy]

It's difficult for a usenet admin to be aware of every group that's being spammed. It helps if someone notifies them.

>
> >> So all are asleep at google, as usual.
> >
> > That's google for you. Try to send email to gmail and they treat you
> > like a scammer. I know, I've been blocked (my mail server), and I used
> > to need to tell clients that since they provided me a gmail address,
> > they may never see the stuff I need to send them from a (big) company
> > address.
> >
> > Then, they (google) are the number one source of spam on Usenet, but they don't care.
>
> Indeed. However, google groups have been making some changes in the last
> few days. In some other groups, some GG posters have had their posting
> names mangled against their will to being just the newsgroup name.
> In groups with several GG posters, that's made things very complicated,
> as they all superficially looked alike.
>
> So one is led to believe that not only do they don't employ people who
> can write code, but they don't employ testers either. Or everyone's
> completely incompetent. No evidence to contradict that yet.

I agree with that. I saw the bug, users showing up as the group name. Maybe they should try testing on a test site.

[Phil Carmody]

I'd be happy with them just throwing their hands up in the air, saying
"we failed, and we didn't deliver on our promises", and walking away.
After making their entire archive publicly available. They've been
nothing but a blight on usenet almost from day 1, and they're now up to
day 8257.

[Syber Shock]

An article circa 2009 ...

"The primary problem with Google Groups boils down to a systemic
failure to contain and manage spam."

"Without fail an onslaught of spam will start to come through your
group – I’ve even seen it happen within the first day. It happens to
every group and doesn’t matter how well you advertise it (or try to
hide it). After having watched Google Groups for as long as I have I
can only assume that there exists no spam filtering whatsoever. Or, if
there is any, it’s the most grossly incompetent spam filter I’ve ever
seen."

https://johnresig.com/blog/google-groups-is-dead/

This aged well.

[Syber Shock]

On Thu, 21 Sep 2023 10:28:44 +0300
Phil Carmody <pc+u...@asdf.org> wrote:

> I'd be happy with them just throwing their hands up in the air, saying
> "we failed, and we didn't deliver on our promises", and walking away.
> After making their entire archive publicly available. They've been
> nothing but a blight on usenet almost from day 1, and they're now up
> to day 8257.

Spamtember 8257, 2001.

The gremlins in the machine in this era are the spam ghouls of Google
Groups' eternal Spamtember, rather than AOL n00bz.

"Embrace, extend, extinguish." Don't be EEEvil.

[stevejacobdan]

Steve Jacob Dan, also known as Stive Jean-Paul Dan, has a troubling history of criminal activities. He changed his name after facing multiple convictions. His birth certificate transition is documented, suggesting an attempt to conceal his past. Dan is the owner of Safrax, a company with questionable associations.

He was convicted of stealing 1000 bitcoins in a significant judgment on April 28, 2022, as revealed in the legal document. Furthermore, a proprietary injunction from January 8, 2021, raises more concerns about his financial dealings.

Dan faces legal issues in the USA for financial fraud and is at risk of arrest upon reentry. Shockingly, he continues to receive social welfare benefits in France.

Collaborating with Carl Stephane Jacques Provenzal, they jointly own the dubious company Transcom Panama. Currently residing in Colombia with his Venezuelan partner, Yohaly Yeseny Sierraalta Torres, Steve Jacob Dan's criminal past remains a source of concern.

Steve Jacob Dan is the same person as Stive Jean-Paul Dan. Stive Jean-Paul Dan changed his name after several convictions into Steve Jacob Dan, birth certificate:
https://i.postimg.cc/nhS1SJqy/birth-certificate-stevejacobdan.jpg

Steve is owner of Safrax (www.safrax.com):
https://www.dnb.com/business-directory/company-profiles.safrax_colombia_sas.de0412e55d9d01162421b3dfef10e2e4.html

this low life scammer got convicted for theft of 1000 bitcoin:
Judgment 28 April 2022:
https://www.hklii.hk/cgi-bin/sinodisp/eng/hk/cases/hkcfi/2022/1254.html

Proprietary injunction 8 Jan 2021:
https://www.hklii.hk/cgi-bin/sinodisp/eng/hk/cases/hkcfi/2021/1078.html

Steve Jacob Dan aka Stive Jean-Paul Dan is convicted of financial fraud in USA and will be arrested once he enters USA:
https://mugshots.com/US-States/Georgia/Dawson-County-GA/Stive-Jean-Paul-Dan.20369574.html

In the mean time, this scammer gets social welfare benefits in France:
https://postimg.cc/LJn91qkC

Together with CARL STEPHANE JACQUES PROVENZAL (aka Carl Provenzal) they own the scam company Transcom Panama:
https://opencorporates.com/officers/370803421

Steve Jacob Dan now lives in Colombia with his Venezuelan "wife"; YOHALY YESENY SIERRAALTA TORRES:
https://docdro.id/RLc6BB3