CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
December 1st, 2008

AlertPay.com Hit By A Massive DDoS Attack, Outage Took A Day To Resolve

Millions of account holders at privately owned online payment gateway, AlertPay.com, weren’t able to do business through the service yesterday. According to a notice left by a company representative, AlertPay was under a large scale DDoS attack.

Seven hours of downtime right in the middle of the Christmas shopping season with millions of businesses using the service affected, isn’t coincidental. This DDoS attack, just like the recent DDoS attack again a popular anti-fraud site, may have well been outsourced.

AlertPay’s statement on the situation posted yesterday states:

We are currently experiencing a large scale DDOS attack that has hit our sites which started at approximately 6:00am EST Sunday. We are working with our data center to resolve and/or mitigate this issue. More information will be posted here as we get updates. For the time being customers can connect to AlertPay at an alternate location: https://67.205.87.226

Several hours later, AlertPay issued an update:

We have finally mitigated the massive DDOS attack that started at 6:00am EST. Unfortunately it took almost all day to resolve. The site is operational now, and hopefully we’ll continue to tweak it more tomorrow to ensure this doesn’t happen again. We sincerely apologize for the inconvenience and we understand that this outage affects each of you personally. We’re sorry for that. We will continue to put measures in place so that outages like this do not occur again.

It is unclear who exactly is behind this DDoS attack. It might be an unethical competition which in times of international economic meltdown can easily restore its market position by damaging the reputation and reliability of known competitor. It could also be cybercriminals who got a reason to damage a particular online payment processor that has, for example, detected their fraudulent activity, thereby causing them huge monetary losses.

Despite the fact that online payment gateways have always been targets for DDoS extortionists, with malicious attackers introducing DDoS services for hire, they have empowered literally everyone knowing how to contact them with the opportunity to forward the responsibility for an attack to a third-party.

AlertPay is not the first payment gateway who got hit by a DDoS during the last couple of years. In 2004 four large online payment processors got hit: Worldpay, Authorize, Authorize-It and 2Checkout. In 2006 – StormPay, in 2008 – LibertyReserve.

Share this item with others:

More on CyberInsecure:
  • GoDaddy.com Hosting Hit By A Major Denial-of-Service Attack
  • DDOS Attack Hits Cheshire-based ISP Vispa, 30,000 Customers Forced Offline
  • Massive Botnet DDoS Attack Hits Mininova.org
  • Internet Movie Database And Amazon Hit By A DDOS Attack
  • BBC Website Hit By DDoS Attack

    • Posted in Breaches And Incidents, DDoS, Targeted Attacks | Print This Post Print This Post

    This entry was posted on Monday, December 1st, 2008 at 11:46 am and is filed under Breaches And Incidents, DDoS, Targeted Attacks. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: AlertPay.com Hit By A Massive DDoS Attack, Outage Took A Day To Resolve

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »