Feedly and Evernote hit with DDoS after refusing to pay ransom
Denial-of-service attacks have taken down two popular web services, after one refused to pay a ransom demand.
Evernote’s service is returning to normal after a DDoS attack hit yesterday, while Feedly has been knocked offline after refusing to pay a ransom and stated on its blog that it is currently “working with our network providers to mitigate the attack as best as we can”.
Evernote said its service was now up and running, though “there may be a hiccup or two for the next 24 hours”. It wasn’t clear why the note-taking service was attacked.
The danger of paying DDoS blackmailers is that you’re only encouraging them to attack you more, perhaps increasing their financial demands next time
Feedly, on the other hand, pinned the blame more squarely. “Criminals are attacking Feedly with a distributed denial of service attack (DDoS),” it said in a post on its website. “The attacker is trying to extort us money to make it stop. We refused to give in and are working with our network providers to mitigate the attack as best as we can.”
The RSS feed service suggested others were also being hit by the attack, but didn’t say who, and said it was working with law enforcement.
Feedly stressed that no user data is at risk; users simply can’t access their feeds.
Security analyst Graham Cluley praised Feedly’s “plucky” response.
“It’s right not to give in to the blackmailers who are essentially running an extortion racket, demanding that the cloud service pay up or be taken offline with their DDoS attack,” he noted on a post on his blog. “The danger of paying DDoS blackmailers is that you’re only encouraging them to attack you more, perhaps increasing their financial demands next time.”