I use Feedly to keep up on all my RSS feed blogs. It works perfectly across all of my iOS devices and is accessible from any computer. Every morning, the first thing I do when I wake up is open Feedly to see what’s been going on. I check it throughout the day, and finish my night with one last overview of the day’s stories from my favorite blogs and news sites.
This morning, when I tried to check Feedly, nothing happened. The page didn’t load on my MacBook Pro. Assuming it was some kind of Wi-Fi issue on my laptop, I tried accessing the RSS service on my iPad. Nothing. Something must be wrong.
A quick search query lead me to Forbes, where I discovered that Feedly had been hacked.
At approximately 2:00 a.m. PT, Feedly was infected with a “distributed denial of service” (DDoS) attack. The hacker or hackers contacted the team at Feedly with ransom demands. The company quickly posted a notice on its blog, explaining the situation. “We refused to give in and are working with our network providers to mitigate the attack as best as we can.”
The Feedly blog also noted that the development team was working with other victims of the same attack and with law enforcement. Forbes noted that Evernote, which integrates with Feedly was attacked this morning as well. The company posted a tweet in the wee hours of the morning. “We’re actively working to neutralize a denial of service attack. You may experience problems accessing your Evernote while we resolve this.” Evernote’s service was restored within four hours.
At about 6:30 a.m. PT, the team at Feedly posted an update to the situation.
“We’re making some changes to our infrastructure that will allow us to bring feedly back online. However, these things take some time to put into place and it may still be a few more hours before service is restored. Thank you so much for your patience and for sticking with us. Remember, none of your data was compromised or lost in this attack.”
TechCrunch points out that Feedly and Evernote are only the latest victim in a wide-spread DDoS attack on websites around the world. Companies like Meetup, Basecamp, Vimeo, Bit.ly, SAY Media/TypePad, Namecheap, Plenty of Fish, and Moz were all attacked within the past few months.
Attacks of this kind appear to be coming from the same general location and have been increasing significantly in recent months.
“As a general trend, over the last three months there’s been an increase in very large attacks targeting DNS infrastructure. These appear to be coming from a large botnet concentrated in China. That doesn’t mean the attacker is actually in China, just that there are a lot of compromised PCs running there,” said CloudFlare CEO Matthew Prince. CloudFlare has worked with many of the victims to help restore their services.
So far, no company that has disclosed the attack has given into the cyber criminals’ demands. However, TechCrunch noted that there may be a number of companies that have paid the ransom quickly in order to restore service and never admitted publicly that anything went wrong. “We had heard from one source that some New York-based tech companies did pay off DDoS attackers when they were hit, but never said anything.”
A DDoS attack happens when the offending source renders the victim server unusable or unavailable. For example, the attacker, using multiple bots, could bombard the victim server with a massive flood of traffic so that the service gets bogged down and can’t accept new connections. DDoS attacks are difficult to defend because the assault comes from multiple sources that are harder to track and shut down.
It is likely that Feedly will be up and running soon. However, this trend calls into question what other major websites and services will be the next victim of this wide spread DDoS attack.