There Was An Attack On The Server Earlier This Evening…

[rawTOP]

There was a huge DDOS attack on the server earlier this evening. I usually run around 45 Mbps out and at one point apparently the UDP traffic to the server was at 12 Gbps (that's a pretty huge attack) – though as you can see in the graph, it averaged to a somewhat lower number, but it was still quite substantial.
 
 
 
The traffic to the server is now being filtered. That should take care of it. Hopefully the filtering won't have to go on for long since it could inadvertently block "good" traffic. While the filtering was being set up there was some downtime. I apologize for that, but it was unavoidable.
 
Whoever attacked me, I'm not really sure what the point was. Since I don't know who it was, I don't know why they did it. Hence, what was the point of doing it in the first place? It's not like the attack managed to get a point across.

 

There was a meth head on Twitter who hit me up a week or two ago. He'd start by complimenting me but then wind up with vague threats of a lawsuit or something. But he was so incoherent I didn't take him seriously. Other than that there have been no substantive negative incidents lately, so I honestly don't have a clue why there was an attack today.

 

I mean years ago when people really hated barebacking, I'd see the point, but now bareback is mainstream and with PrEP there are tools for neg guys to protect themselves from would be stealthers and the like. So I really don't understand the timing of the attack at all.

 

Moving on…

[lungfucker]

Thank you for the explanation.  I admit that I was curious about the downtime, but it's completely understandable in light of what you have shared.  Again, thank you!

[Jamie85]

Hopefully it was a script kiddie playing around.   Either that or misdirected malware trying to disguise it's real target.  Glad you're up

[bottombottoy]

Thanks for the update. Im sure we would all like to know who and why if you ever figure it out 

[rawTOP]

Hopefully it was a script kiddie playing around.   Either that or misdirected malware trying to disguise it's real target.  Glad you're up

 

This was far more than what a script kiddie could do. Whoever did this had access to a botnet of zombie computers.

 

There were two attacks. One lasted about an hour. The other about 40 minutes. But everything is back to normal now.

[armaderboss]

250$ Bitcoin or you will be down far more than a couple of hours.

 

Contact me at armderboss@mail.ru you got 12 Hours left.

Edited October 2, 2015 by armaderboss

[armaderboss]

Will be down for 1 hour so you know I'm serious.

[rawTOP]

There was another attack this evening, but I think we've got it under control. This time it was a different type of attack that was specifically aimed at Breeding Zone.

[rawTOP]

250$ Bitcoin or you will be down far more than a couple of hours.

 

Contact me at armderboss@mail.ru you got 12 Hours left.

 

Given that the server was attacked 5 hours after this message (not 12), I can only assume it wasn't posted by the real hacker.

[Guest outdatedaccount]

While it seems the person attacking knows how to do a decent DDOS attack, it is still a good possibility they have not motive other than money.  Plenty of guys you can hire on the "darkweb" with bitcoin to write malware, perform DDOS, break into systems.  It's not even that expensive.  Saw an RSA security expert lecture and he was showing how a guaranteed 0 day exploit could be bought for like $30-50.  The prices they had for various things were much lower than I expected.  Don't remember what the DDOS attacks cost but they were under $100.

 

Seems like you know the difference but some site admins mistakenly think they are under attack when it's actually someone in the same network of a hosting provider causing their grief.   I worked for a cloud provider for a couple years.  Neighboring VM's often took down all the hosts in the same cell because they shared networking resources. 

 

Hope they get bored or caught soon.  Sucks when people mess with things you've built.

[Guest SBBOY]

Sorry to hear that. Hope it all gets sorted.

 

Do you know when the search facility will be reactivated? 

[rawTOP]

It's been over 24 hours since the last attack. I suspect the hacker has moved on to easier targets.

 

 

Do you know when the search facility will be reactivated? 

 

Search has been re-enabled, as has member registration. Both were turned off the past few days since they're a common point of attack. I'll turn them back off if the attacks resume.

[seaguy]

meth heads are not that sophisticated to mount an cyber attack like this one.  It was probably Michael Weinstein and his minions at the AHF as part of their effort to ban bareback porn and scare gay men from going on PrEP.

[rawTOP]

meth heads are not that sophisticated to mount an cyber attack like this one.  It was probably Michael Weinstein and his minions at the AHF as part of their effort to ban bareback porn and scare gay men from going on PrEP.

 

The meth head who contacted me claimed to have access to money. He was a little incoherent, but it sounded like his father had made quite a bit of money illegally and put it in his name. But then again, he was so high when he'd contact me who knows what the truth is (could have been a fantasy he made up in his head while he was high). But the point is, someone with money and a knowledge of illegal activity, could probably find a hacker to hire – even if he's high on meth half the time. I also had a Russian guy contact me wanting money for the attacks to stop (he posted above), but the attacks didn't always correspond to the times he specified, and I figured, even if he was the attacker, it was cheaper in the long run to pay my host to deal with it. As soon as you know they'll pay up, they'll do it again.