Basecamp becomes latest victim of extortion-based DDoS attack

Share this article:
A number of major media websites were suffering problems Tuesday that stemmed from a DNS attack.
Basecamp has become the latest victim of extortion-based DDoS attack.

Basecamp is on high alert.

The provider of web and app-based project management tools has become the latest victim of an extortion-based distributed denial-of-service (DDoS) attack, the company said in a notification posted to Github on Monday.

“Note that this attack targets the network link between our servers and the internet,” according to the notification. “All the data is safe and sound, but nobody is able to get to it as long as the attack is being successfully executed.”

The attack peaked at 20 gigabytes per second and caused apps to be slow and unresponsive. It had mostly subsided as of Monday afternoon, but Basecamp warned users that a denial-of-service could begin again at any moment.

The attackers are thought to be the same group responsible for carrying out other recent extortion-based DDoS attacks – notably, Meetup and Hootsuite were hit earlier this month – because the attack came with a similar blackmail attempt.

An investigation is ongoing with law enforcement and, in order to catch the responsible party, Basecamp has joined forces with the victims of similar attacks, according to the notification, which adds that the blackmail came from an address matching this pattern, “dari***@gmail.com.”

“The only thing we're certain of is that, like Meetup, we will never negotiate [with] criminals, and we will not succumb to blackmail,” according to the notification. “That would only set us up as an easy target for future attacks.”

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.