Incident Response, TDR

Meetup battles prolonged DDoS attack

Social networking portal Meetup has been hit with a prolonged distributed denial-of-service (DDoS) attack that has caused intermittent outages for days.

At the time of this report, the site was not available.

According to a blog post by the company, the DDoS attack initially took place on Thursday morning, causing its website and apps to be unavailable to its members. While service was partially restored later in the day, another wave of malicious traffic knocked the website offline Saturday evening.

The Meetup team once again managed to restore service for “most people” in the early Sunday hours, but it was once again affected by the attack in the evening.

Throughout the incident, the company has stressed that no sensitive information was been affected.

“Organizer and member data is secure, including credit card information,” the company post reads. “No data has been accessed or stolen.”

This has been the longest downtime the company has experienced in its 12 years of operation, according to a blog post by Meetup Co-founder and CEO, Scott Heiferman.

In his address to Meetup members, he shared an email from the attacker who attempted to extort the company prior to conducting the DDoS attack.

“A competitor asked me to perform a DDoS attack on your website,” the criminal wrote. “I can stop the attack for $300 USD. Let me know if you are interested in my offer.”

The attack began shortly after receiving the message.

According to Heiferman, Meetup did not pay the “ridiculously small” fee because it did not want to negotiate with criminals and felt that judging by the amount that was asked, the attack, although sophisticated, was the work of amateurs.

He believes that succumbing to the threat would have only led to a higher demand in the future, as well as additional attacks since “word spreads in the criminal world.”

According to a report by TechCrunch, Meetup has confirmed that it has enlisted the help of CloudFlare, a San Francisco-based security and site performance service provider, to mitigate the attacks.

CloudFlare recently battled a massive NTP reflection DDoS attack that “peaked just shy of 400 [gigabytes per second],” according to CloudFlare CEO, Matthew Prince.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.