• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 26th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Cyber Events
Cyber Attacks

NSA-proof ProtonMail Service DDoSed, Forced to Pay $6000 as Ransom

November 6th, 2015 Pushpa Mishra Cyber Attacks, Cyber Crime 0 comments
NSA-proof ProtonMail Service DDoSed, Forced to Pay $6000 as Ransom
Share on FacebookShare on Twitter

In 2014, a team of privacy advocates launched ProtonMail and claimed that it’s an NSA-proof email service. The service was such a massive hit that the developers came up with its Android and iOS apps.

But something went wrong this week with ProtonMail when it got under powerful DDoS attacks by unknown cyber criminals and forced to pay a ransom of about $6000 in order to stop them from DDoSing its servers.

According to the officials, ProtonMail (one of the end-to-end encrypted e-mail service providers) had continuous attacks on their network and criminals demanded ransom for stopping the attacks. The company paid 15 bitcoins which in conversion to USD are about $6000.

But, even after the payment was done the criminals didn’t hold up the attacks on company’s servers. Though initially in a blog post the company wrote about attacks being held up but company official soon wrote this:

“We hoped that by paying, we could spare the other companies impacted by the attack against us, but the attacks continued nevertheless. Attacks against infrastructure continued throughout the evening and in order to keep other customers online, our ISP was forced to stop announcing our IP range, effectively taking us offline. The attack disrupted traffic across the ISP’s entire network and got so serious that the criminals who extorted us previously even found it necessary to write us to deny responsibility for the second attack.”

It all started Tuesday midnight when the company received an email for ransom from the same attackers who are believed to be involved in attacks all over Switzerland for last few weeks. Right after the email, a DDoS attack took place from the hackers which lasted over 15 minutes and shook the company’s servers.

Attackers then attacked the company’s servers at 11 am and for the next 3 hours the attacks kept on growing without relenting. By 2 PM Company’s server were receiving junk traffic at 100 GB per second and threatened the data center and upstream providers of the company.

A blog post from the company reflected more light on the attack, here is what is said:

“Through MELANI (a division of the Swiss federal government), we exchanged information with other companies who have also been attacked and made a few discoveries. First, the attack against ProtonMail can be divided into two stages. The first stage is the volumetric attack which was targeting just our IP addresses. The second stage is the most complex attack which targeted weak points in the infrastructure of our ISPs. This second phase has not been observed in any other recent attacks on Swiss companies and was technically much more sophisticated. This means that ProtonMail is likely under attack by two separate groups, with the second attackers exhibiting capabilities more commonly possessed by state-sponsored actors. It also shows that the second attackers were not afraid of causing massive collateral damage in order to get at us.

At present, ProtonMail’s infrastructure is still vulnerable to attacks of this magnitude, but we have a comprehensive long-term solution which is already being implemented. Protecting against a highly sophisticated attack like the second one which was launched against us requires sophisticated solutions as we also need to protect our datacenter and upstream providers. Cost estimates for these solutions are around $100,000 per year since there are few service providers able to fight off an attack of this size and sophistication. These solutions are expensive and time taking, but they will be necessary because it is clear that online privacy has powerful opponents. In order to cover these costs, we are collecting donations for a ProtonMail defense fund”.

[fullsquaread][/fullsquaread]

The FBI tells people to pay ransom in case of cyber attacks but critics believe paying ransom to the attackers was within itself a wrong step taken by the company as it will be motivating the attackers to carry out more attacks of this nature.

It’s still unclear who the attackers were as till now only suspicions of different experts are what on record we have, the full story is yet to be unraveled in upcoming days. So stay tuned! 

  • Tags
  • Cyber Crime
  • DDOS
  • Email
  • NSA
  • ProtonMail
  • Ransom
  • security
Facebook Twitter LinkedIn Pinterest
Previous article Anonymous stands true to its words, leaks more data on alleged KKK members
Next article UK companies have ‘misplaced confidence’ on cyber security
Pushpa Mishra

Pushpa Mishra

Pushpa is a Dubai based scientific academic editor who worked for Reuters' Zawya business magazine and at the same time a passionate writer for HackRead. From the very first day she has been a blessing for team Hackread. Thanks to her dedication and enthusiasm.

Related Posts
Man jailed after attempting to buy 3-year-old girl on dark web

Man jailed after attempting to buy 3-year-old girl on dark web

Massive privacy risk as hacker sold 2 million MyFreeCams user records

Massive privacy risk as hacker sold 2 million MyFreeCams user records

Online scams: How to give scammers a taste of their own medicine

Online scams: How to give scammers a taste of their own medicine

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
Man jailed after attempting to buy 3-year-old girl on dark web
Cyber Crime

Man jailed after attempting to buy 3-year-old girl on dark web

65
SonicWall hacked after 0-day flaws exploited by hackers
Hacking News

SonicWall hacked after 0-day flaws exploited by hackers

116
Massive privacy risk as hacker sold 2 million MyFreeCams user records
Cyber Crime

Massive privacy risk as hacker sold 2 million MyFreeCams user records

154

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us