• United States



Senior Staff Writer

Feedly hit by DDoS after refusing extortion demands

Jun 11, 20142 mins
Cloud SecurityCybercrimeData and Information Security

RSS aggregation service knocked offline after ransom wasn't paid

Hours after Evernote was taken offline due to a DDoS attack, RSS aggregation service Feedly has said they too are fighting a DDoS attack, which has crippled their services.

Making matters worse – Feedly is the latest victim of DDoS extortion, as the attack started once they refused to pay a ransom that would have prevented it.

Shortly after 5:00 a.m. EST, Feedly posted a status update to their blog explaining the outage:

“Criminals are attacking feedly with a distributed denial of service attack (DDoS). The attacker is trying to extort us money to make it stop. We refused to give in and are working with our network providers to mitigate the attack as best as we can. We are working in parallel with other victims of the same group and with law enforcement”

Feedly mentions extortion, and the fact that the group making the demands also claimed other victims. So it’s possible then, that Feedly is referencing the attacks on Meetup and Basecamp.

In March, both Meetup and Basecamp were told to pay $300 ransom, or face a DDoS attack. In each case, the victims refused the pay fee, and as a result the attackers launched a massive DDoS attack. In addition to Meetup and Basecamp, the same group also targeted GitHub and Fotolia.

Speaking to the ransom demand, shortly after his company came under attack, Meetup’s Co-Founder and CEO, Scott Heiferman, said the amount demanded is significant.

“The extortion dollar amount suggests this to be the work of amateurs, but the attack is sophisticated. We believe this low-ball amount is a trick to see if we are the kind of target who would pay. We believe if we pay, the criminals would simply demand much more.”

Extortion attempts are nothing new, and experts agree that paying the ransom only solves the problem in the short term.

“Giving into their demands might make the pain go away in the short term, but the long term results aren’t worth it as the price always goes up,” Dan Holden, director of security research at Arbor Networks, told CSO in an interview last March.

The Hash has reached out to Feedly for more information, and will update this story once it becomes available.