RSS service Feedly vows to resist DDoS extortionists
Popular news aggregator goes dark as hackers swamp its servers
Computerworld - RSS aggregator Feedly today vowed not to give in to an extortion demand backed by a distributed-denial-of service (DDoS) attack that knocked its site offline eary Wednesday.
Service was briefly restored at approximately 11:15 a.m. ET (8:15 a.m. PT), only to evaporate moments later. DDoS attacks, often launched from botnets of previously-compromised PCs, swamp a website's servers with huge quantities of traffic. The result: The site either slows to a crawl or goes dark.
"Criminals are attacking Feedly with a distributed denial of service attack. The attacker is trying to extort us money to make it stop. We refused to give in and are working with our network providers to mitigate the attack as best as we can," said Edwin Khodabakchian, Feedly CEO, in a statement at 5 a.m. ET (2 a.m. PT).
The Palo Alto-based Feedly became one of the most prominent RSS services last year after Google killed Google Reader.
Feedly had company. Evernote suffered a large-scale DDoS attack overnight, and was in the process of recovering early Wednesday.
At 9:25 a.m. ET (6:25 am. PT), Feedly said it had made some progress on bringing the site back up. "However, these things take some time to put into place and it may still be a few more hours before service is restored," the company said. "Thank you so much for your patience and for sticking with us."
Independent tools, including the Is It Down Right Now? website, confirmed that Feedly first went offline around 5 a.m. ET.
Security blogger Graham Cluley applauded Feedly for standing up to the extortionists. "I admire Feedly's attitude," Cluley said on his blog Wednesday. "It's right not to give in to the blackmailers who are essentially running an extortion racket, demanding that the cloud service pay up or be taken offline with their DDoS attack."
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.
Read more about Malware and Vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Big Data, Big Mess: Sound Risk Intelligence Through Complete Context This paper examines the insecurity of the small businesses in the supply chain and offers tips to close those backdoors into the enterprise.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Why Are Customers Really Deploying an NGFW? It seems every IT Security expert is talking about the NGFW, but what are people really doing? This webcast covers 5 real-world customer... All Malware and Vulnerabilities White Papers | Webcasts