Three email service providers have been hit by a massive distributed denial of service (DDoS) attack that has forced them to shut down for extended periods of time.
https:// posteo.de/en/blog/important-possible-disturbances-due-to-ddos
To our posteo customers.
We would like to inform you that we received a massive DDoS attack yesterday and today. This caused network interruptions and delays yesterday morning and evening, and limited some of our availability.
The attackers were Runbox (a privacy email provider based in Norway), Posteo (a secure email provider based in Germany), and Fastmail (a privacy-first email provider based in Australia ).
Posteo, in a blog post
We have received threatening letters and demands for money. However we have no intention of paying the amount demanded.
We believe that companies should not allow themselves to be blackmailed by criminals under any circumstances.
They should not allow themselves to be blackmailed by criminals under any circumstances, because doing otherwise makes them even more attractive to criminals, and DDoS attacks are often unstoppable even if you pay for them.
Fastmail and Runbox have not disclosed that they have received similar ransom demands, but a person familiar with the matter said that these attacks were carried out by the same threat group. It is believed that similar ransom demands have been sent to these two companies as well.
In addition, UK VoIP provider Voipfone and game server provider Sparked were also hit by similar DDoS attacks, but these attacks are believed to have been carried out by a different threat group, unrelated to the organized attacks on email providers. It is believed that these attacks were not related to a coordinated attack on email providers, but were carried out by a different threat group.
Although overshadowed by the blackmail crimes perpetrated by ransomware groups, threat groups that use DDoS attacks to force companies to pay ransoms remain active.
In September 2021, we had just discovered multiple DDoS attacks of extortion against Internet service providers and financial institutions in several countries, including Russia, the UK, the US, and New Zealand.
Comments