DDoS attacks hit multiple email providers

At least three email service providers have been hit by large distributed denial of service (DDoS) attacks on Friday, resulting in prolonged outages, The Record has learned.

The attacks have hit Runbox (a privacy email provider based in Norway), Posteo (a secure email provider based in Germany), and Fastmail (a privacy-first email provider based in Australia).

“We have received a threatening letter and a demand for money,” Posteo said in a blog post earlier today.

“We will not pay the amount of money demanded. Companies must not allow themselves to be blackmailed by criminals under any circumstances: Otherwise they will become even more attractive to them. And DDoS attacks often are not stopped even if money has been paid,” the German company said.

While Fastmail and Runbox have not confirmed receiving similar ransom demands, the attacks were carried out by the same threat actor, according to a person familiar with the matter who spoke with The Record earlier today. Similar extortion requests are believed to have been sent to the two companies as well.

At the time of writing, Fastmail and Posteo have resumed operations while Runbox is dealing with a new assault.

Additionally, UK VoIP provider Voipfone and gaming server provider Sparked also dealt with similar DDoS attacks today, but the attacks have been carried out by different threat actors, unrelated to the coordinated attacks on email providers.

While generally overshadowed by the extortion attempts orchestrated by ransomware gangs, threat actors who rely on DDoS attacks to force companies to pay ransom requests are still very active.

Last month, several DDoS extortion attempts were registered against internet service providers and financial entities across several countries, such as Russiathe UKthe US, and New Zealand—with some of the attacks being carried out using a new botnet called Meris.

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.

Source: Recorded Future

Leave a Reply