Spam from K2G


Rob Neff <rob@...>
 

Anyone else get spammed by K2G asking people to QSY to some freq and mode out of the blue? My wife did today. The PC and radio was on but no one was home, and she was still running JTALERT. We came home to find whomever it was had sent a generic message via JTALERT.

When asked about spam she was told “I have received hundreds of messages thanking me for letting them know and inviting them”.

So the question then becomes, did someone send hundreds of JTALERT messages one at a time or has someone figured out a way to spam a large number of people at the same time?

It’s one thing to have someone see you on PSKREPORTER and send you a message if you’re online and need the contact, but this was a bit more than that.

Rob KW2E


Michael Black
 

Yes...they are spamming everybody.  I've received several of these.



Mike W9MDB




On Monday, July 6, 2020, 11:16:24 PM CDT, Rob Neff via groups.io <rob@...> wrote:


Anyone else get spammed by K2G asking people to QSY to some freq and mode out of the blue? My wife did today. The PC and radio was on but no one was home, and she was still running JTALERT. We came home to find whomever it was had sent a generic message via JTALERT.

When asked about spam she was told “I have received hundreds of messages thanking me for letting them know and inviting them”.

So the question then becomes, did someone send hundreds of JTALERT messages one at a time or has someone figured out a way to spam a large number of people at the same time?

It’s one thing to have someone see you on PSKREPORTER and send you a message if you’re online and need the contact, but this was a bit more than that.

Rob KW2E



Michael Aust
 

Mike and Rob,

  From my experience, it would not be 
Too hard to do this with a Script File and 
or a Macro Builder to take to do this

   In Engineering, we had to do things 
when we had to get one program to talk
to another program

   Guess the Spammer knows a few things
that most hams do not know about these
days

73
Mike
WB6DJI 

Sent from AOL Mobile Mail
Get the new AOL app: mail.mobile.aol.com

On Monday, July 6, 2020, Michael Black via groups.io <mdblack98@...> wrote:

Yes...they are spamming everybody.  I've received several of these.



Mike W9MDB




On Monday, July 6, 2020, 11:16:24 PM CDT, Rob Neff via groups.io <rob@...> wrote:


Anyone else get spammed by K2G asking people to QSY to some freq and mode out of the blue? My wife did today. The PC and radio was on but no one was home, and she was still running JTALERT. We came home to find whomever it was had sent a generic message via JTALERT.

When asked about spam she was told “I have received hundreds of messages thanking me for letting them know and inviting them”.

So the question then becomes, did someone send hundreds of JTALERT messages one at a time or has someone figured out a way to spam a large number of people at the same time?

It’s one thing to have someone see you on PSKREPORTER and send you a message if you’re online and need the contact, but this was a bit more than that.

Rob KW2E



JTAlert Support (VK3AMA)
 

On 7/07/2020 2:35 pm, Michael Black via groups.io wrote:
Yes...they are spamming everybody.  I've received several of these.

Mike W9MDB

Does anyone know who the op is running K2G?

Unfortunately,  due to the log file size, I don't record the Text Message traffic hitting the Server. Only exceptions like timeouts & premature socket closed events are recorded. However, I can see the Text Message files stored on the Server that haven't been collected by the targeted Callsign and there are enough of them to draw some conclusions.
  • The Spamming occurred over a ~2 hour period. With no further messages received in the last 5 hours.

  • One message sent precisely every second indicating automation, not a manual-initiated messaging.
     
  • I was seeing multiple messages sent to the same Calling often 5 or 10 minutes apart.

  • Messages were sent either from JTAlert that was automated by a Macro type program or a script mimicking the JTAlert behavior.

  • A script would have required an initial sniffing of the. local network to determine who the messages are sent and the Handshaking involved.

  • Uncollected messages from that ~2hour period numbered 3000. Clearly this spamming numbered in the many thousands.

I have identified the originating IP address and blocked it on the Server firewall. That only keeps the honest people out. If the abuser is smart enough to automate this attack, they are smart enough to use a VPN or proxy server so they can change their public IP at will.


I suspect that the operator at K2G is monitoring this group. When I first started composing this email, they were on-line for Text Message receipt. Now that I have finished composing the email, they have gone off-line as I was about to send a nasty message.

de Laurie VK3AMA


JTAlert Support (VK3AMA)
 

On 7/07/2020 3:54 pm, HamApps Support (VK3AMA) via groups.io wrote:

I suspect that the operator at K2G is monitoring this group. When I first started composing this email, they were on-line for Text Message receipt. Now that I have finished composing the email, they have gone off-line as I was about to send a nasty message.

Disregard the above. Of course he went off-line, I had already blocked his IP at the Server so his status wasn't getting updated as he could no longer sign in to check for messages.

de Laurie VK3AMA


Michael Aust
 

Laurie

Suspect K2G automated their WSJT FT8
as a Robot Station with a automated Macro script in the way
they responded to contacts in this event

Oh well !

73
MA

-----Original Message-----
From: HamApps Support (VK3AMA) <vk3ama.ham.apps@...>
To: Support@HamApps.groups.io
Sent: Mon, Jul 6, 2020 10:54 pm
Subject: Re: [HamApps] Spam from K2G

On 7/07/2020 2:35 pm, Michael Black via groups.io wrote:
Yes...they are spamming everybody.  I've received several of these.

Mike W9MDB

Does anyone know who the op is running K2G?

Unfortunately,  due to the log file size, I don't record the Text Message traffic hitting the Server. Only exceptions like timeouts & premature socket closed events are recorded. However, I can see the Text Message files stored on the Server that haven't been collected by the targeted Callsign and there are enough of them to draw some conclusions.
  • The Spamming occurred over a ~2 hour period. With no further messages received in the last 5 hours.

  • One message sent precisely every second indicating automation, not a manual-initiated messaging.
     
  • I was seeing multiple messages sent to the same Calling often 5 or 10 minutes apart.

  • Messages were sent either from JTAlert that was automated by a Macro type program or a script mimicking the JTAlert behavior.

  • A script would have required an initial sniffing of the. local network to determine who the messages are sent and the Handshaking involved.

  • Uncollected messages from that ~2hour period numbered 3000. Clearly this spamming numbered in the many thousands.
I have identified the originating IP address and blocked it on the Server firewall. That only keeps the honest people out. If the abuser is smart enough to automate this attack, they are smart enough to use a VPN or proxy server so they can change their public IP at will.

I suspect that the operator at K2G is monitoring this group. When I first started composing this email, they were on-line for Text Message receipt. Now that I have finished composing the email, they have gone off-line as I was about to send a nasty message.
de Laurie VK3AMA


Gerald Klotz
 

I got one while I was offline and it came through when I went back online. He was doing the 13 colonies contest and was also on the Warc bands. He had several stations going at a time. At one time I saw him calling 6 stations and he kept calling. Which kept causing my software to stop sending to the station I was calling.


Gerry Klotz

On Jul 6, 2020, at 11:16 PM, Rob Neff via groups.io <rob=idahoparanormal.com@groups.io> wrote:

Anyone else get spammed by K2G asking people to QSY to some freq and mode out of the blue? My wife did today. The PC and radio was on but no one was home, and she was still running JTALERT. We came home to find whomever it was had sent a generic message via JTALERT.

When asked about spam she was told “I have received hundreds of messages thanking me for letting them know and inviting them”.

So the question then becomes, did someone send hundreds of JTALERT messages one at a time or has someone figured out a way to spam a large number of people at the same time?

It’s one thing to have someone see you on PSKREPORTER and send you a message if you’re online and need the contact, but this was a bit more than that.

Rob KW2E



wo4o RiC
 

You can ID the person who secured K2G for that particular date by looking online and performing a search at:

http://www.1x1callsigns.org/

73 de RiC wo4o
Grand Island FL


WB5JJJ - George
 

I was first keyed into his operation when I got a JTA F5 message to operate split (which I always do) a couple of days ago during the 13Col.  When I responded that I was, he said that it was not intended for me, but had a "glitch" in his macro and it was sent to all stations at once. 

Yes, he is in fact using a macro he wrote to send out hundreds of messages to all those that he has copied.  He initiated a JTA F5 chat about this and he even has a video on how he does it.  He's a younger guy and a software developer.  He also said that lots of hams don't like his methods, but it works for him. 

If it happens again, then I'll just block his callsign in JTA and not worry about the "spam".  Maybe Laurie could add something to the hamspots website to prevent this in the future. 
--
73's
George - WB5JJJ


scot
 

All,

very interesting that someone would do this to a SES that has been in operation for multiple years. My hope is that there is someone within that group that operated K2G that would educate him. Knowing this, I will not bother to work him in future years. It is not a good appearance for those that put on the special event either.

Scott
N2SAB


WB5JJJ - George
 

Laurie

Just sent you information via the Support email. 
--
73's
George - WB5JJJ


Thomas Mize KJ4GK
 

I am the one responsible for the messages being sent the last few days using JT Alert and I take FULL RESPONSIBILITY.

Allow me to explain please...

First off, this is absolutely embarrassing. My Name is Thomas Mize - KJ4GK and this is my first year volunteering to operate as K2G along with many others ops from GA for the 13 Colonies Special Event.

I am one of those type of guys that always tries to think out side the box. In a way, it is a good thing in many situations, but with what happened with this IT WAS NOT :(

What gave this idea, was what a fellow Ham said. He stated, that he wasn't having a lot of luck on the allocated frequencies even with spotting them.  The word wasn't getting out well enough.  Just by hearing him say that.  Once I got off the phone I had the idea popped off in my thick skull, I was like, "If I could send messages out to operators that are already on the band operating FT8/4 and Invite them over to the frequencies it would be GREAT!"

Then my thought was..."BUT...a big BUT, I cannot allow messages to be sent to anyone twice. In my mind that was the key. If people received messages more then once, this would NOT BE A GOOD THING AT ALL!!!

So I attempted to work on the program and found out that I wouldn't be able to implement the code to make sure it doesn't send to the same operator twice(A little over my head) so I jumped on a Freelance Site and Hired a Programmer for $80 to help me with this. I also told him only messages to be sent to operators that were online as well. I explained how important it was that people can't be sent the same message twice. I needed a database to be implemented.

The next day he sent the source over and it appeared to be working GREAT. I was getting a lot of replies thanking me so much for inviting them.  I was so happy because It was working and it was bringing people to the freq. BUT. . .

Last night I received my first message alerting me that a person had received a message more then once, for me to quit.  It startled me. Then I received another message a few minutes later, so I stopped the program IMMEDIATELY! 

This morning I woke up to find Laurie's message he had sent about the messages, then saw this in the group.io and my heart DROPPED. You can say the emotions I had was of ANGER mixed with Embarrassment.

I contacted the programmer right away and requested my money back and I let him know HOW UPSET I WAS!!!!!!!!!! that it had caused a uproar AMONG fellow Ham operators and that many people were very upset and that messages were being sent to people more then once which is the MOST IMPORTANT reason I hired him in the first place.

I am deeply sorry about this to everyone.   I was just wanting to think out side the box and do something that would help spread the word of the Event and to invite operators over to work K2G.  I was hoping if it worked out great I could share it with the other States for next year.  I see that it did help MANY people. I have received well over 100+ messages thanking me BUT it came with the expense of upsetting people which just isn't right.  Honestly since this happened, it has got me to pondering and thinking a lot. Even if it never sent to someone twice, I still am not to sure if it was a good idea at all.  I just wasn't thinking.  I'm just a guy that want to help people, I've always been that way, I'm 37 Years old and have 2 precious kids and thank God they took after me. They are the same way. 

Again I take full responsibility for this Laurie.  It in no way should reflect on K2G or any other operators as a group. I had this idea single handed and no one else used this but me. I have deleted the source code and the program and will no longer EVER use this again.

I just hope Laurie you will find it in your heart to forgive me.  My intentions were positive I promise, and now My IP Address which is my home IP address has been blocked. In response to one of your messages I wasn't behind a VPN. I don't own one. I was just trying to help.  I have only slept no more then 4 Hours every day so far for this event. I felt so privileged to be able to participate and now I feel terrible! I am one of the biggest Fans of JT Alert and have been enjoying it everyday for a whole year now. Being a programmer my self(No where near as good as you) I have a special respect for you as a programmer because I can fathom how much work it takes to keep something like this going out of the good will of your heart).

I repeat one last time, This will never happen again, I have deleted all the files. It was a good idea at the time that turned out to be a terrible one.  I am so sorry for anyone that I angered. 

Sincerely,

Thomas Mize  KJ4GK

If you can forgive me Laurie I would love to be able to use Hamspots and Jt Alert still. It has been a big part of my life for the last year. If not I understand.  I am on a static IP over here and it doesn't change as far as I know. 73 Everyone.


Michael Black
 

Proper contrition being shown Thomas...

The way to do this might have been to send an FT8 message like this periodically on the main FT8 section.  Just makes the 13 char maximum.

QSY K2G 14076

Mike W9MDB


On Tuesday, July 7, 2020, 12:19:59 PM CDT, Thomas Mize KJ4GK <threemanpro@...> wrote:


I am the one responsible for the messages being sent the last few days using JT Alert and I take FULL RESPONSIBILITY.

Allow me to explain please...

First off, this is absolutely embarrassing. My Name is Thomas Mize - KJ4GK and this is my first year volunteering to operate as K2G along with many others ops from GA for the 13 Colonies Special Event.

I am one of those type of guys that always tries to think out side the box. In a way, it is a good thing in many situations, but with what happened with this IT WAS NOT :(

What gave this idea, was what a fellow Ham said. He stated, that he wasn't having a lot of luck on the allocated frequencies even with spotting them.  The word wasn't getting out well enough.  Just by hearing him say that.  Once I got off the phone I had the idea popped off in my thick skull, I was like, "If I could send messages out to operators that are already on the band operating FT8/4 and Invite them over to the frequencies it would be GREAT!"

Then my thought was..."BUT...a big BUT, I cannot allow messages to be sent to anyone twice. In my mind that was the key. If people received messages more then once, this would NOT BE A GOOD THING AT ALL!!!

So I attempted to work on the program and found out that I wouldn't be able to implement the code to make sure it doesn't send to the same operator twice(A little over my head) so I jumped on a Freelance Site and Hired a Programmer for $80 to help me with this. I also told him only messages to be sent to operators that were online as well. I explained how important it was that people can't be sent the same message twice. I needed a database to be implemented.

The next day he sent the source over and it appeared to be working GREAT. I was getting a lot of replies thanking me so much for inviting them.  I was so happy because It was working and it was bringing people to the freq. BUT. . .

Last night I received my first message alerting me that a person had received a message more then once, for me to quit.  It startled me. Then I received another message a few minutes later, so I stopped the program IMMEDIATELY! 

This morning I woke up to find Laurie's message he had sent about the messages, then saw this in the group.io and my heart DROPPED. You can say the emotions I had was of ANGER mixed with Embarrassment.

I contacted the programmer right away and requested my money back and I let him know HOW UPSET I WAS!!!!!!!!!! that it had caused a uproar AMONG fellow Ham operators and that many people were very upset and that messages were being sent to people more then once which is the MOST IMPORTANT reason I hired him in the first place.

I am deeply sorry about this to everyone.   I was just wanting to think out side the box and do something that would help spread the word of the Event and to invite operators over to work K2G.  I was hoping if it worked out great I could share it with the other States for next year.  I see that it did help MANY people. I have received well over 100+ messages thanking me BUT it came with the expense of upsetting people which just isn't right.  Honestly since this happened, it has got me to pondering and thinking a lot. Even if it never sent to someone twice, I still am not to sure if it was a good idea at all.  I just wasn't thinking.  I'm just a guy that want to help people, I've always been that way, I'm 37 Years old and have 2 precious kids and thank God they took after me. They are the same way. 

Again I take full responsibility for this Laurie.  It in no way should reflect on K2G or any other operators as a group. I had this idea single handed and no one else used this but me. I have deleted the source code and the program and will no longer EVER use this again.

I just hope Laurie you will find it in your heart to forgive me.  My intentions were positive I promise, and now My IP Address which is my home IP address has been blocked. In response to one of your messages I wasn't behind a VPN. I don't own one. I was just trying to help.  I have only slept no more then 4 Hours every day so far for this event. I felt so privileged to be able to participate and now I feel terrible! I am one of the biggest Fans of JT Alert and have been enjoying it everyday for a whole year now. Being a programmer my self(No where near as good as you) I have a special respect for you as a programmer because I can fathom how much work it takes to keep something like this going out of the good will of your heart).

I repeat one last time, This will never happen again, I have deleted all the files. It was a good idea at the time that turned out to be a terrible one.  I am so sorry for anyone that I angered. 

Sincerely,

Thomas Mize  KJ4GK

If you can forgive me Laurie I would love to be able to use Hamspots and Jt Alert still. It has been a big part of my life for the last year. If not I understand.  I am on a static IP over here and it doesn't change as far as I know. 73 Everyone.


Thomas Mize KJ4GK
 

Hey bud, sorry if I caused you any problems. I only do 5 Streams outside. If it was someone doing 5 Streams on a reg frequency it sure wasn't me. I am no aware of any way to do 6 at one time but who knows what software there is out there.  You can work up to 5 Stations at one time doing F/H mode or Multi Stream mode. Again sorry if I caused you any trouble.


Thomas Mize KJ4GK
 

Actually that is a very very good idea. Thank you Michael.  What would be a good idea especially if you have been working a freq and are about to switch also.


Thomas Mize KJ4GK
 

He Michael Aust. I can't speak for others but I have been using MSHV for this contest. No external Robot Software.  When running Big Contest and Special Events like this Automation becomes a good friend :)  Especially when you have pile ups of 25 or more people.  There are macro external programs I have seen people using out there from watching videos on Youtube. It is crazy the idea people have.


Thomas Mize KJ4GK
 

Michael Black....It wasn't a they, It was just me bud. I just want to make sure it is very very very clear that I did this alone. I had good intentions so I could alert people to where I was at operating but it turned out to be a terrible Idea. I am sorry to have upset you or anyone else.


Thomas Mize KJ4GK
 

Laurie VK3AMA, It was Me. KJ4GK I wote a full explanation to this post.  I just hope to God you forgive me brother.


Frank Kirschner
 

No matter how many times you test it, you can never be sure of all the things software might do. Not a problem.

73,
Frank
KF6E

On Tue, Jul 7, 2020 at 1:45 PM Thomas Mize KJ4GK <threemanpro@...> wrote:
Laurie VK3AMA, It was Me. KJ4GK I wote a full explanation to this post.  I just hope to God you forgive me brother.


neil_zampella
 

FWIW ... I won't work anyone using MSHV's multi-threading.  The reason?  Despite multiple requests from the developers, and others, the MSHV developer will not block the use of the multithreading from the standard frequencies.      The use of such on the standard frequencies tends to cause confusion to other operators since they believe its WSJT-X DXPedtion mode, then are really confused as they can't use it on the normal frequencies.    Also, such use on the normal frequencies tends to cause even more crowding on an already crowded band.    

You, at least, did try to stay off the normal frequencies, so you should have used the original DXPedition mode in WSJT-X. 

My 2 cents,

Neil, KN3ILZ