Last night some negative actors (or bored teenagers) were hard at work launching distributed denial of service attacks against the popular note taking site, Evernote, music site, Deezer and the RSS aggregator, Feedly.
Evernote didn't have much information posted about their attack at the time of this writing with the exception of three posts in their Twitter timeline. The details are unclear in the particular instance.
They are now back up and running. Feedly also suffered an attack last night. In this case they were being attacked by criminals who were demanding that they pay a ransom or be knocked offline. To their credit they told the criminals to go pound sand.
2:04am PST – Criminals are attacking feedly with a distributed denial of service attack (DDoS). The attacker is trying to extort us money to make it stop. We refused to give in and are working with our network providers to mitigate the attack as best as we can.
Good for them. This is a problem that won't go away. If you pay once there is nothing to stop them from returning for more money later.
This week Akamai (full disclosure: my day job) released an advisory discussing this very problem. There has been a noticeable increase in attacks that were extortion based.
Attackers are using reflected UDP to launch direct-to-origin denial of service attacks at e-commerce sites, then demanding payment to stop the attacks, CSIRT's Mike Kun wrote in an advisory.
"We have seen these extortion attempts target e-commerce and retail sites, as well as online collaboration sites, but all sectors are vulnerable," Kun wrote.
So, this begs the question. What are you doing to defend your site? Fairly safe to say that this problem won't get better any time soon.
(Image used under CC from Morgan)