Feedly and Evernote are currently experiencing DDoS — or distributed denial of service — attacks. If it seems like these attacks are becoming more frequent, it’s because they are. Bit.ly was hit just a couple months ago, as was Meetup.com shortly thereafter. According to TechCrunch, a host of other sites have been recent DDoS victims as well.
According to an official post on the Feedly blog, the DDoS attackers are trying to extort the site for money, and Feedly isn’t going for it.
We refused to give in and are working with our network providers to mitigate the attack as best as we can. We are working in parallel with other victims of the same group and with law enforcement.
In a 6:25 a.m. PT update on the Feedly blog, the company said it is working on an infrastructure change to bring the service back online.
As for Evernote, a spokesperson told the BBC that the attack started around 2:25 p.m. PT yesterday afternoon. According to a tweet around 7:20 p.m. last night, Evernote is up and running, but “there may be a hiccup or two for the next 24 hours.”
TechCrunch contributor Sarah Paz points out that not only are the DDoS attacks becoming more frequent, they’re also becoming more aggressive. And the challenge for sites like Evernote or Feedly is that they simply don’t have the large-scale infrastructure to fight the attacks off on their own.
Paz also speculated as to why these attacks continue, despite the company’s refusal to pay up.
It could be that while the ones conscientiously updating their customers as to their status are not playing the criminals’ game, others may be. We had heard from one source that some New York-based tech companies did pay off DDoS attackers when they were hit, but never said anything.
While this claim is unconfirmed, it does suggest plausible motivation. If the DDoS extortion is successful sometimes, that just might be enough to encourage attackers to keep trying.