RSS service Feedly vows to resist DDoS extortionists
Popular news aggregator goes dark as hackers swamp its servers
Computerworld - RSS aggregator Feedly today vowed not to give in to an extortion demand backed by a distributed-denial-of service (DDoS) attack that knocked its site offline eary Wednesday.
Service was briefly restored at approximately 11:15 a.m. ET (8:15 a.m. PT), only to evaporate moments later. DDoS attacks, often launched from botnets of previously-compromised PCs, swamp a website's servers with huge quantities of traffic. The result: The site either slows to a crawl or goes dark.
"Criminals are attacking Feedly with a distributed denial of service attack. The attacker is trying to extort us money to make it stop. We refused to give in and are working with our network providers to mitigate the attack as best as we can," said Edwin Khodabakchian, Feedly CEO, in a statement at 5 a.m. ET (2 a.m. PT).
The Palo Alto-based Feedly became one of the most prominent RSS services last year after Google killed Google Reader.
Feedly had company. Evernote suffered a large-scale DDoS attack overnight, and was in the process of recovering early Wednesday.
At 9:25 a.m. ET (6:25 am. PT), Feedly said it had made some progress on bringing the site back up. "However, these things take some time to put into place and it may still be a few more hours before service is restored," the company said. "Thank you so much for your patience and for sticking with us."
Independent tools, including the Is It Down Right Now? website, confirmed that Feedly first went offline around 5 a.m. ET.
Security blogger Graham Cluley applauded Feedly for standing up to the extortionists. "I admire Feedly's attitude," Cluley said on his blog Wednesday. "It's right not to give in to the blackmailers who are essentially running an extortion racket, demanding that the cloud service pay up or be taken offline with their DDoS attack."
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is email@example.com.
Read more about Malware and Vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.
- Fight Malware, Malfeasance and Malingering Every year brings more extreme sets of threats than the last. The good news is that there are a range of mitigation options....
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Malware and Vulnerabilities White Papers | Webcasts