[TheRecord] DDoS attacks hit multiple email providers

At least three email service providers have been hit by large distributed denial of service (DDoS) attacks on Friday, resulting in prolonged outages, The Record has learned.

The attacks have hit Runbox (a privacy email provider based in Norway), Posteo (a secure email provider based in Germany), and Fastmail (a privacy-first email provider based in Australia).

“We have received a threatening letter and a demand for money,” Posteo said in a blog post earlier today.

“We will not pay the amount of money demanded. Companies must not allow themselves to be blackmailed by criminals under any circumstances: Otherwise they will become even more attractive to them. And DDoS attacks often are not stopped even if money has been paid,” the German company said.

While Fastmail and Runbox have not confirmed receiving similar ransom demands, the attacks were carried out by the same threat actor, according to a person familiar with the matter who spoke with The Record earlier today. Similar extortion requests are believed to have been sent to the two companies as well.

At the time of writing, Fastmail and Posteo have resumed operations while Runbox is dealing with a new assault.

Update 23-Oct-2021 01:01 CEST – The DDoS attack has resumed and some of our services are not accessible again.

— Runbox (@Runbox) October 22, 2021

Additionally, UK VoIP provider Voipfone and gaming server provider Sparked also dealt with similar DDoS attacks today, but the attacks have been carried out by different threat actors, unrelated to the coordinated attacks on email providers.

While generally overshadowed by the extortion attempts orchestrated by ransomware gangs, threat actors who rely on DDoS attacks to force companies to pay ransom requests are still very active.

Last month, several DDoS extortion attempts were registered against internet service providers and financial entities across several countries, such as Russiathe UKthe US, and New Zealand—with some of the attacks being carried out using a new botnet called Meris.

The post DDoS attacks hit multiple email providers appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

Daily NCSC-FI news followup 2021-04-21

Alert (AA21-110A) Exploitation of Pulse Connect Secure Vulnerabilities us-cert.cisa.gov/ncas/alerts/aa21-110a The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actoror actorsbeginning in June 2020 or earlier related to vulnerabilities in certain Ivanti Pulse Connect Secure products. Lisäksi: threatpost.com/pulse-secure-critical-zero-day-active-exploit/165523/. […]

Read More

[ZDNet] Australia’s intelligence community dismisses concerns about proposed data-gathering powers

All posts, ZDNet

Home Affairs and three of Australia’s national intelligence agencies came before a parliamentary body in a united front to give assurances that potential new powers to produce intelligence will only be used in ‘niche circumstances’. Source: Read More (Latest topics for ZDNet in Security)

Read More

[SecurityWeek] IoT/OT Device Security Firm NanoLock Raises $11 Million

All posts, Security Week

NanoLock Security, an Israel-based company that specializes in IoT and operational technology (OT) device protection and management, this week announced raising $11 million in a Series B funding round. read more Source: Read More (SecurityWeek RSS Feed)

Read More