AlertPay.com Hit By A Massive DDoS Attack, Outage Took A Day To Resolve
Millions of account holders at privately owned online payment gateway, AlertPay.com, weren’t able to do business through the service yesterday. According to a notice left by a company representative, AlertPay was under a large scale DDoS attack.
Seven hours of downtime right in the middle of the Christmas shopping season with millions of businesses using the service affected, isn’t coincidental. This DDoS attack, just like the recent DDoS attack again a popular anti-fraud site, may have well been outsourced.
AlertPay’s statement on the situation posted yesterday states:
We are currently experiencing a large scale DDOS attack that has hit our sites which started at approximately 6:00am EST Sunday. We are working with our data center to resolve and/or mitigate this issue. More information will be posted here as we get updates. For the time being customers can connect to AlertPay at an alternate location: https://67.205.87.226
Several hours later, AlertPay issued an update:
We have finally mitigated the massive DDOS attack that started at 6:00am EST. Unfortunately it took almost all day to resolve. The site is operational now, and hopefully we’ll continue to tweak it more tomorrow to ensure this doesn’t happen again. We sincerely apologize for the inconvenience and we understand that this outage affects each of you personally. We’re sorry for that. We will continue to put measures in place so that outages like this do not occur again.
It is unclear who exactly is behind this DDoS attack. It might be an unethical competition which in times of international economic meltdown can easily restore its market position by damaging the reputation and reliability of known competitor. It could also be cybercriminals who got a reason to damage a particular online payment processor that has, for example, detected their fraudulent activity, thereby causing them huge monetary losses.
Despite the fact that online payment gateways have always been targets for DDoS extortionists, with malicious attackers introducing DDoS services for hire, they have empowered literally everyone knowing how to contact them with the opportunity to forward the responsibility for an attack to a third-party.
AlertPay is not the first payment gateway who got hit by a DDoS during the last couple of years. In 2004 four large online payment processors got hit: Worldpay, Authorize, Authorize-It and 2Checkout. In 2006 – StormPay, in 2008 – LibertyReserve.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.