Host.us DDOS attack -and- related conversations

Alain Hebert ahebert at pubnix.net
Wed Aug 3 14:16:01 UTC 2016


    Well,


    Could it be related to the last 2 days DDoS of PokemonGO (which
failed) and some other gaming sites (Blizzard and Steam)?


    And on the subject of CloudFlare, I'm sorry for that CloudFlare
person that defended their position earlier this week, but there may be
more hints (unverified) against your statements:

        https://twitter.com/xotehpoodle/status/756850023896322048

        That could be explored.


    On top of which there is hints (unverified) on which is the real bad
actor behind that new DDoS service:

       
http://news.softpedia.com/news/pokemon-go-ddos-attacks-postponed-as-poodlecorp-botnet-suffers-security-breach-506910.shtml


    And I quote:

        "One thing LeakedSource staff spotted was that the first payment
recorded in the botnet's control panel was of $1, while payments for the
same package plan were of $19.99."

        ( Paypal payments btw )


    There is enough information, and damages, imho, to start looking for
the people responsible from a legal standpoint.  And hopefully the
proper authorities are interested.

    PS:

        I will like to take this time to underline the lack of
participation from a vast majority of ISPs into BCP38 and the like.  We
need to keep educating them at every occasion we have.

        For those that actually implemented some sort of tech against
it, you are a beacon of hope in what is a ridiculous situation that has
been happening for more than 15 years.

-----
Alain Hebert                                ahebert at pubnix.net   
PubNIX Inc.        
50 boul. St-Charles
P.O. Box 26770     Beaconsfield, Quebec     H9W 6G7
Tel: 514-990-5911  http://www.pubnix.net    Fax: 514-990-9443

On 08/03/16 09:41, Robert Webb wrote:
> Anyone have any additonal info on a DDOS attack hitting host.us?
>
> Woke up to no email this morning and the following from their web site:
>
>
>
> *Following an extortion attempt, HostUS is currently experiencing sustained
> large-scale DDOS attacks against a number of locations. The attacks were
> measured in one location at 300Gbps. In another location the attacks
> temporarily knocked out the entire metropolitan POP for a Tier-1 provider.
> Please be patient. We will return soon. Your understanding is appreciated.
>   *
>
>
> >From my monitoring system, looks like my VPS went unavailable around 23:00
> EDT last night.
>
> Robert
>




More information about the NANOG mailing list