Now Reading
Cyberattack – November 2023 —

Cyberattack – November 2023 —

2023-11-28 19:05:04

Between 18 and 22 November 2023, the web site was affected by a DDoS assault, executed by a botnet with lots of of IP addresses sending over 1.5 billion malicious request, at a peak fee of 100 thousand rps (request per second). The web site was intermittently obtainable for just a few days till going offline on November 21. The difficulty was resolved by transferring behind a devoted DDoS mitigation service, and the assault stopped on the finish of the day. Apart from the primary web site, just a few different companies had been made unavailable – they’re actively being restored.

Duty for the assault has not been claimed, and motives are unknown. The assault was targeted on denial of service. Mission and person information haven’t been affected.

Particular due to the group that has been working across the clock to resolve this: Anna, Arnd, Danny, Oleg, Pablo and Sergey. Additionally due to everybody who reached out providing assist and assist!

Original Announcement

Since Saturday, 18 November, the servers are underneath a DDoS assault; bringing down our servers by overloading them with requests. The directors have been engaged on it continuous. Makes an attempt to dam IP ranges from attackers didn’t work, as they rapidly got here again from different places. 

Furthermore, within the brief durations they don’t assault, pending logs of normal requests overload the servers once more, sending the infrastructure right into a loop of self-destruction.

After 4 days of keeping off the assaults, the group determined to maneuver the core of our web site to a safe service that gives DDoS safety. Which means that is again!


2023-11-18. Preliminary indicators of malicious visitors on the web site, mitigated by blocking offending addresses.

2023-11-19. Malicious visitors intensifies to the purpose of intermittently interrupting availability of the web site.

2023-11-20. A number of companies (developer discussion board, wiki, and so forth.) are unavailable resulting from extreme visitors. Blocking IP ranges is not efficient.

2023-11-21. Assault reaches full scale, requiring for the companies to be totally stopped. A choice is made to maneuver behind a devoted DDoS mitigation service. On the finish of the day the web site is on the market once more, working usually.

See Also

2023-11-22 01:30. The assault continues to be ongoing, peaking at over 5 million requests per minute. Whereas most of performance is again to regular, there are nonetheless just a few points:

  • Customers would possibly introduced with a “problem” to confirm that they don’t seem to be a bot earlier than visiting the web site
  • (with out www) continues to be not accessible, resulting from technical causes. If you wish to go to, be sure you kind
  • A number of web sites are nonetheless unavailable (code, developer, docs, devtalk, obtain, wiki, and so forth.) – and we preserve working to carry them again.

2023-11-22 10:30. The assault has stopped. We proceed working to revive all different web sites right this moment.

2023-11-22 20:30. All websites are again on-line and working usually. Sadly one other assault has began, however it’s being mitigated and shouldn’t be affecting the web site expertise.

2023-11-23 20:30. The assault has stopped. In whole over 2.1B requests (as much as 100K rps) had been mitigated. We think about the difficulty closed for now, and can solely report additional if the person expertise on is affected. DDoS attack - 21 Nov 2023

Francesco Siddi
COO – Blender

Source Link

What's Your Reaction?
In Love
Not Sure
View Comments (0)

Leave a Reply

Your email address will not be published.

2022 Blinking Robots.
WordPress by Doejo

Scroll To Top