Meetup battles prolonged DDoS attack

Share this article:
DDoS attacks continue to grow in size
Social networking portal Meetup has been hit with a prolonged DDoS attack.

Social networking portal Meetup has been hit with a prolonged distributed denial-of-service (DDoS) attack that has caused intermittent outages for days.

At the time of this report, the site was not available.

According to a blog post by the company, the DDoS attack initially took place on Thursday morning, causing its website and apps to be unavailable to its members. While service was partially restored later in the day, another wave of malicious traffic knocked the website offline Saturday evening.

The Meetup team once again managed to restore service for “most people” in the early Sunday hours, but it was once again affected by the attack in the evening.

Throughout the incident, the company has stressed that no sensitive information was been affected.

“Organizer and member data is secure, including credit card information,” the company post reads. “No data has been accessed or stolen.”

This has been the longest downtime the company has experienced in its 12 years of operation, according to a blog post by Meetup Co-founder and CEO, Scott Heiferman.

In his address to Meetup members, he shared an email from the attacker who attempted to extort the company prior to conducting the DDoS attack.

“A competitor asked me to perform a DDoS attack on your website,” the criminal wrote. “I can stop the attack for $300 USD. Let me know if you are interested in my offer.”

The attack began shortly after receiving the message.

According to Heiferman, Meetup did not pay the “ridiculously small” fee because it did not want to negotiate with criminals and felt that judging by the amount that was asked, the attack, although sophisticated, was the work of amateurs.

He believes that succumbing to the threat would have only led to a higher demand in the future, as well as additional attacks since “word spreads in the criminal world.”

According to a report by TechCrunch, Meetup has confirmed that it has enlisted the help of CloudFlare, a San Francisco-based security and site performance service provider, to mitigate the attacks.

CloudFlare recently battled a massive NTP reflection DDoS attack that “peaked just shy of 400 [gigabytes per second],” according to CloudFlare CEO, Matthew Prince.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.