Basecamp, a project management application, is the latest victim of an extortion scheme that promises DDoS attacks unless a ransom is paid. Basecamp, a project management application, is the latest victim of an extortion scheme that promises DDoS attacks unless a ransom is paid. The service was down for several hours on Monday as attackers slammed the network with malicious packets. “This attack was launched together with a blackmail attempt that sought to have us pay to avoid this assault,” Basecamp’s David Heinemeier Hansson said in a status update on GitHub. “The only thing we’re certain of is that, like Meetup, we will never negotiate by criminals, and we will not succumb to blackmail. That would only set us up as an easy target for future attacks,” Hansson said. According to law enforcement, Meetup and Basecamp are just two of the victims who were blackmailed, Fotolia, GitHub, and many others were also targeted by the same person / people. “We’ve pooled our law enforcement efforts with the other victims now, and are working with the same agent on the case. While tracking down these criminals is notoriously hard, we’ll do our very best to bring them to justice,” Hansson added. By mid-morning on Monday, service had been restored to 95 percent of the network, but Hansson explained that there was no guarantee that the attacks wouldn’t resume. At peak, the DDoS reached 20 Gpbs, low on the scale of other attacks, but enough to force the service to shutdown. “Other victims have told us about how the attacker would take a break, and then try again later with a different method. Hopefully that will not be the case, but we remain on the highest alert for now.” The company has promised a full incident report within 48-hours, assuming the attacks do not resume. Related content news Gwinnett Medical Center investigating possible data breach After being contacted by Salted Hash, Gwinnett Medical Center has confirmed they're investigating a security incident By Steve Ragan Oct 02, 2018 6 mins Regulation Data Breach Hacking news Facebook: 30 million accounts impacted by security flaw (updated) In a blog post, Facebook’s VP of product management Guy Rosen said the attackers exploited a flaw in the website's 'View As' function By Steve Ragan Sep 28, 2018 4 mins Data Breach Security news Scammers pose as CNN's Wolf Blitzer, target security professionals Did they really think this would work? By Steve Ragan Sep 04, 2018 2 mins Phishing Social Engineering Security news Congress pushes MITRE to fix CVE program, suggests regular reviews and stable funding After a year of investigation into the Common Vulnerabilities and Exposures (CVE) program, the Energy and Commerce Committee has some suggestions as to how it can be improved By Steve Ragan Aug 27, 2018 3 mins Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe