It is said that you can judge the mettle of a man by the quality of his enemies. So I guess it should be flattering when a group of individuals who appear dedicated to making misery for countless Internet users express glee at what they perceive as my misfortune.
Since my final posting on The Washington Post‘s Security Fix blog last year, I’ve been made aware of several discussions among different shadowy online groups who were apparently celebrating the end of that blog.
Some of those conversations I am not at liberty to point to here, but at least one of them is public: A thread on crutop.nu, a 8,000 member Russian language forum dedicated to Webmasters who specialize in high-risk Web sites, including rogue anti-virus software sales, pharmacy sites, and all manner of extreme porn (including beastiality and rape).
The last time I got this much attention from crutop.nu was last summer, when I published the results of a lengthy investigation that traced a huge number of rogue anti-virus Web site payment processing pages back to Crutop and to Chronopay, a Russian payment processing company that also specializes in high-risk sites. Indeed, that post concluded that the same individual was responsible for running both entities, (Chronopay founder Pavel Vrublevsky, a.k.a. “Redeye” on Crutop).
In this discussion on Crutop, members can be seen celebrating the demise of the Security Fix blog and my employment at The Washington Post, essentially saying that Santa Claus had answered their letters. Members then go on to discuss how I should be shot (among other indignities), as well as various search engine gaming schemes that might bury the rankings of my new blog at krebsonsecurity.com.
The entire thread (or least up until today) can be read by expanding the images below, in order, and viewing a rough translation. For whatever reason, the default view when you see the full sized image may start at the center of the page. If this happens, just scroll up and start from the top. Caution: Some of the language displayed in these posts may be offensive to some readers, and certain thumbnail images may not be appropriate for viewing at work.