Slashdot Mirror
What's Up With ProtonMail Outages? (bleepingcomputer.com)
ProtonMail, a secure email service provider used by more than two million users and references of which has been made in shows like Mr. Robot, has been facing outages for the last two days as it fights numerous DDoS attacks. "The attacks went on for several hours, although the outages were far more brief, usually several minutes at a time with the longest outage on the order of 10 minutes," a ProtonMail spokesperson told BleepingComputer, adding that it has tracked the attack to a group that claims to have ties to Russia. But things are more complicated than that, and it appears ProtonMail users, who are already annoyed at the frequent outages over the last few days, are up for more such downtimes in the coming days. BleepingComputer: But in reality, the DDoS attacks have no ties to Russia, weren't even planned to in the first place, and the group behind the attacks denounced being Russian, to begin with. Responsible for the attacks is a hacker group named Apophis Squad. In a private conversation with Bleeping Computer today, one of the group's members detailed yesterday's chain of events. The Apophis member says they targeted ProtonMail at random while testing a beta version of a DDoS booter service the group is developing and preparing to launch.
The group didn't cite any reason outside "testing" for the initial and uncalled for attack on ProtonMail, which they later revealed to have been a 200 Gbps SSDP flood, according to one of their tweets. "After we sent the first attack, we downed it for 60 seconds," an Apophis Squad member told us. He said the group didn't intend to harass ProtonMail all day yesterday or today but decided to do so after ProtonMail's CTO, Bart Butler, responded to one of their tweets calling the group "clowns."
This was a questionable response on the part of the ProtonMail CTO, as it set the hackers against his company even more. "So we then downed them for a few hours," the Apophis Squad said. Subsequent attacks included a whopping TCP-SYN flood estimated at 500 Gbps, as claimed by the group.
The group didn't cite any reason outside "testing" for the initial and uncalled for attack on ProtonMail, which they later revealed to have been a 200 Gbps SSDP flood, according to one of their tweets. "After we sent the first attack, we downed it for 60 seconds," an Apophis Squad member told us. He said the group didn't intend to harass ProtonMail all day yesterday or today but decided to do so after ProtonMail's CTO, Bart Butler, responded to one of their tweets calling the group "clowns."
This was a questionable response on the part of the ProtonMail CTO, as it set the hackers against his company even more. "So we then downed them for a few hours," the Apophis Squad said. Subsequent attacks included a whopping TCP-SYN flood estimated at 500 Gbps, as claimed by the group.
Not clowns. Assholes is the proper term.
That is the proper term.
They are one of the lowest forms of life on the net. When they get renditioned to some USian bunker in the third world no one will shed a tear or notice.
though it's hard to imagine who.
It wouldn't bother me to see these clowns get dragged out of their houses and kicked in the back of their heads until they stopped moving. Over and over.
That's it.
The group didn't cite any reason outside "testing" for the initial and uncalled for attack on ProtonMail
As opposed to, er, "called for" (justified?) attacks?
He said the group didn't intend to harass ProtonMail all day yesterday or today but decided to do so after ProtonMail's CTO, Bart Butler, responded to one of their tweets calling the group "clowns."
Oh. Well then. That's perfectly reasonable then ...
They are a bunch of clowns. Or paid by GMail ...
Little short bursts, and then when someone does anything they perceive as a slight, constant shitstorm until they autistic-fit themselves to exhaustion.
Amusing. I wonder what they'd have done had the CTO called them fags instead.
And only a mere 200 Gbit? That's child's play, I've got an easy order of magnitude more bandwidth than that just on my remote office servers alone.
Betting none of them are over the age of 25, otherwise they'd know where to get real bandwidth.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
I hope every member of this group that is identified has his balls ripped off.
Great, all this does is provide advertising for people that will want to contract for their "new and improved" DDoS service.. Nice.
Didn't another group just recently get arrested for providing such a "service?"
Doubling down on their stupidity doesn't change that.
the greatest surveilance state and most paranoid country on the planet, the U.S., is usually the ones behind this. And they are very good at what they call "attribution", making it seem like someone else is doing it. Preferably a scapegoat chosen to stir even more shit up.
As an owner of an IP I should be able to tell a service provider to simply cut off traffic from given IPs on his network (or his entire network if they don't do effective ingress/egress filtering). Start up internet 2 with a less retarded infrastructure already, this shit got ridiculous 20 years ago and the fact that we haven't even attempted to fix it is just insane.
You guys fucking suck!
Signed,
totally the real Microsoft CEO, I swear on his life.
And what's the deal with airplane peanuts?
#DeleteFacebook
Large-scale protests in Iran haven't been getting much press in the US the past couple of days because of the Supreme Court news.
Iran economic protests shut Tehran's Grand Bazaar
Apparently, crowds in Iran have been shouting "Death to Palestine" and "Our enemy is right here!"
Maybe the Iranian secret police has caught Iranian civilians using Proton Mail?
> decided to do so after calling the group "clowns"
Flabby clowns sounds better?
Big numbers. Obviously they have a large botnet. But as soon as they start using it people will figure out the infected units, find the vulns used to subvert them and start unwinding the network.
And the thing is, what goes around, comes around. Eventually.
The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
I'm sure he'll tell you via his employee the steak selling real estate billion dollar money-loser guy.
http://www.nydailynews.com/new-york/ny-metro-teen-murdered-in-bronx-nypd-explorer-20180623-story.html
In Soviet Washington the swamp drains you.
Yeah, such as on the Trump's administration officials...
In Soviet Washington the swamp drains you.
Calling these guys clowns are an insult to clowns. This group needs jail time and a ban from the internet.
I'm not sure which language this was translated to English from, but my guess is Russian.
You are welcome on my lawn.
"retarded"
Spotted the teenager. Man, did I have to look closely for that one.
"I don't like warriors. Too narrow-minded, no subtlety. And worse, they fight for hopeless causes. Honor? Huh! Honor's killed millions of people, it hasn't saved a single one. Tell you what I do like though: a killer. A dyed-in-the-wool killer. Cold-blooded, clean, methodical and thorough. Now a real killer, when he picked up the ZF-1, he would have immediately asked about the little red button on the bottom of the gun. [a Mangalore presses the button, detonating a large explosive] Bring me the priest."
The CTO only needed to call them clowns to make them push the buttons. They're not clowns, they're kids.
who TF antagonizes hackers when you are a CTO. The majority of the hacker mentality is based off of saying a big screw you to authority. The CTO should have known that the best course of action is to apologizing the down time while not even attributing it to any group or even adding in his personal thoughts of said group. Let the groups claim responsibility them selves rather than letting your ego get the best of you and make smug statements about a group that you are not intimately familiar with.
When a CTO of a SECURE email provider does not understand the basics of hacker culture and cannot conduct himself with the professionalism that such a position requires then it is time to let him go. FFS, in the end it is inconsequential to him who the attackers are and what his personal feelings on the subject are as it is his job to make sure that his organization has the procedures and processes in place to mitigate such attacks and by contributing his personal opinion of the hackers he is only trying to deflect from his own shortcomings as the CTO.
and beat them to within an inch of their lives?
If you're truly just conducting a test, you let your target know. Otherwise it isn't a test, it's just another DDoS attack, end of story. Even if it's only 60 seconds long, you're still affecting a business and its customers without proper warning or actual justification, all for the benefit of your own business and product. Only a true clown would think they have a free pass to fool around as they wish without being seriously called out for it. And only the worst kind of self-centered assholes intentionally escalate the situation after being called out for their legitimately shitty behavior.
as a species, we're lower than virii. time for another reset.
His Whollyness doesn't care for the fact the the American people were lied to and manipulated by corrupt politicians who sold themselves out to a foreign power, in order to achieve that vote. And I don't, either.
But the truth is coming out as more of their activities and connections are being brought out and exposed under the bright light of day.
#TICKTOCK
Il n'y a pas de Planet B.
Get a life, dickwads.
It just happened a few minutes ago.
DeSantos: Mr. Roseinstein, why are you not recused from running an investigation into obstruction into the President over Comey being fired when you gave the recommendation to fire Comey, and the IG report shows in great detail that Comey should be fired?
Roseinstein: If I see a reason to recuse myself I will.
Yep, the guy running an investigation for Trump for following his recommendations, refuses to recuse himself due to his involvement. Corrupt from top to bottom, It is already come out. After that single question and answer, Roseinstein has let us know his is corrupt and believes he doesn't need to answer to Congress or the people.
#TICKTOCK
The guy who was asked by Trump to write a recommendation to justify firing Comey, it's not like he just spontaneously wrote the recommendation.
And in fact Trump said in a nationally broadcasted interview that he had already decided to fire Comey and he was thinking about the Russia investigation when he did it.
Just sayin'.
Stop calling stupid script kiddies and botnetters "hackers", that's disrespectful for actual hackers, regardless of what meaning you believe this word has today.
We've seen these ego-driven types before. They are "Robin Hood"'s, stealing from the rich to give to the poor, they aren't even ethical. They are just your basic lowlife thieves, who try to avoid working for a living but aren't smart enough to start a business or create a product (that they haven't stolen) or a service other people would want to buy.
When one of them gets caught (not if) they usually end up turning in their "friends" in Aphos in return for a reduced sentence. Setting in a court docket they aren't full of swagger and making big claims. They set there with a clean haircut and shave, in a suit, trying to look less than what they acted like, in a vain attempt to persuade the judge or jury that they aren't the bad boys the government is making them out to be. Soon, the entire bunch is reeled in, convicted, serve time, and when they get out their future income is garnished to pay back at least some of what they've stolen and squandered.
I read Slashdot. Do what you will.
are NOT the "Robin Hood"'s
Giving interviews, etc. instead of remaining in the dark. Leaving traces.
Rule number one of EVE Online: do not be salty in public communication channels when somebody destroys your ship for no good reason.