Basecamp held to ransom as hackers launch massive DDoS attack
Basecamp, the online collaboration and project management service, found itself on the receiving end of a massive DDoS attack yesterday as 20Gbps of data was pelted at servers. If this was not enough, the attackers tried to hold Basecamp to ransom, saying the server flooding would not come to an end until a fee was paid.
While the attack was underway, Basecamp was effectively taken offline but the team behind the service refused to bow to the ransom demands. Beavering away behind the scenes, technicians were able to restore service to 95 percent of users without parting with any money.
As the week got off to a terrible start, the Basecamp team was quick to try to calm any fears that users may have had about their data: "All the data is safe and sound, but nobody is able to get to it as long as the attack is being successfully executed. This is like a bunch of people blocking the front door and not letting you into your house. The contents of your house are safe -- you just can’t get in until they get out of the way".
But while relatively normal service has been resumed, Basecamp is not yet out of the woods. "The attack has stopped for now, but there's no guarantee it will not resume. Other victims have told us about how the attacker would take a break, and then try again later with a different method. Hopefully that will not be the case, but we remain on the highest alert for now".
The problems at Basecamp follow a very similar attack on Meetup which was hit by more than one DDoS strike. It is looking as though the same person or people are responsible and the Basecamp team are asking for anyone who has been blackmailed by someone using an email address matching the pattern firstname.lastname@example.org to get in touch "so we can compare notes on both technical defenses and the law enforcement effort to hunt them down".