Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Feedly, Evernote Hit With DDoS Attacks

RSS aggregator Feedly was hit with a distributed denial-of-service attack and an extortion demand today, both of which it is refusing to bend to.

RSS aggregator Feedly was hit with a distributed denial-of-service attack and an extortion demand today, both of which it is refusing to bend to.

According to the Feedly blog, cybercriminals began attacking the service at 2:04 a.m. PST and offered to stop the attack in exchange for money. The company refused to pay, and began working its network providers to mitigate the attack. In a message posted at 6:25 a.m. PST, the company wrote that it is making some changes to its infrastructure to bring the service back online.

“However, these things take some time to put into place and it may still be a few more hours before service is restored,” the company stated. “Thank you so much for your patience and for sticking with us. Remember, none of your data was compromised or lost in this attack.”

Joining Feedly among the ranks of businesses hit by DDoS attacks is Evernote, which was struck by an attack yesterday. It has since recovered.

“As is the nature of DDoS attacks, there was no data loss, and no accounts were compromised,” a spokesperson for Evernote told the BBC.

The exact size and nature of the DDoS attacks was not disclosed. Last month, security researchers at Akamai Technologies reported that they had observed a spike in Simple Network Management Protocol (SNMP) reflection attacks that started in April. In addition, researchers at Black Lotus predicted recently that new distributed reflected denial-of-service threats would likely lead to massive attacks in excess of 800 Gbps during the next 12 to 18 months. 

“A denial-of-service attack is unwelcome news, and angers customers who can’t access their data,” blogged security researcher Graham Cluley. “But it’s nothing like as bad as having your servers hacked and customer information stolen.”

Cluley blogged that he admired Feedly’s decision to ignore the demands of the attackers. Extortion schemes such as these are hardly new. Earlier this year for example, criminals targeted Basecamp and Meetup.com with DDoS attacks and issued similar demands.  

Advertisement. Scroll to continue reading.

“It’s right not to give in to the blackmailers who are essentially running an extortion racket, demanding that the cloud service pay up or be taken offline with their DDoS attack,” he blogged. “The danger of paying DDoS blackmailers is that you’re only encouraging them to attack you more, perhaps increasing their financial demands next time.”

“Let’s hope that whoever is behind the Feedly attack is identified, and brought to book,” he added.

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Defense contractor Nightwing has appointed Tricia Fitzmaurice as Chief Growth Officer.

Xage Security has appointed Russell McGuire as CRO and Ashraf Daqqa as VP of the META region.

Solana co-founder Stephen Akridge has been appointed the CEO of data protection firm Cyber Grant.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.