[TheRecord] DDoS attacks hit multiple email providers

At least three email service providers have been hit by large distributed denial of service (DDoS) attacks on Friday, resulting in prolonged outages, The Record has learned.

The attacks have hit Runbox (a privacy email provider based in Norway), Posteo (a secure email provider based in Germany), and Fastmail (a privacy-first email provider based in Australia).

“We have received a threatening letter and a demand for money,” Posteo said in a blog post earlier today.

“We will not pay the amount of money demanded. Companies must not allow themselves to be blackmailed by criminals under any circumstances: Otherwise they will become even more attractive to them. And DDoS attacks often are not stopped even if money has been paid,” the German company said.

While Fastmail and Runbox have not confirmed receiving similar ransom demands, the attacks were carried out by the same threat actor, according to a person familiar with the matter who spoke with The Record earlier today. Similar extortion requests are believed to have been sent to the two companies as well.

At the time of writing, Fastmail and Posteo have resumed operations while Runbox is dealing with a new assault.

Update 23-Oct-2021 01:01 CEST – The DDoS attack has resumed and some of our services are not accessible again.

— Runbox (@Runbox) October 22, 2021

Additionally, UK VoIP provider Voipfone and gaming server provider Sparked also dealt with similar DDoS attacks today, but the attacks have been carried out by different threat actors, unrelated to the coordinated attacks on email providers.

While generally overshadowed by the extortion attempts orchestrated by ransomware gangs, threat actors who rely on DDoS attacks to force companies to pay ransom requests are still very active.

Last month, several DDoS extortion attempts were registered against internet service providers and financial entities across several countries, such as Russiathe UKthe US, and New Zealand—with some of the attacks being carried out using a new botnet called Meris.

The post DDoS attacks hit multiple email providers appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] VMware vCenter Servers in Hacker Crosshairs After Disclosure of New Flaw

All posts, Security Week

The internet is already being scanned for VMware vCenter servers affected by CVE-2021-22005, a critical vulnerability for which the virtualization giant announced patches just a couple of days ago. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[HackerNews] DMARC: The First Line of Defense Against Ransomware

All posts, HackerNews

There has been a lot of buzz in the industry about ransomware lately. Almost every other day, it’s making headlines. With businesses across the globe holding their breath, scared they might fall victim to the next major ransomware attack, it is now time to take action. The FBI IC3 report of 2020 classified Ransomware as […]

Read More

[SecurityWeek] Hacking the Hire: Three Ways to Recruit and Retain Cyber Talent

All posts, Security Week

Finding the right fit for your security team remains a daunting and somewhat challenging task in today’s world. There’s a well-documented shortage of talent across the cybersecurity industry dating back several years. The COVID-19 pandemic and the challenges it brought have made matters worse. Recent reports and surveys don’t paint a pretty picture.  read more […]

Read More