Feedly the Victim of DDoS Blackmail

So far it's resisting.

Evernote and Deezer are also suffering attacks. I haven't seen anything linking the three different victims, and the other two have not said anything about extortion demands.

Posted on June 11, 2014 at 7:27 AM • 13 Comments


Bob S.June 11, 2014 9:12 AM

I suppose Five Eyes is taking note in case they ever need to use the exploit on one of their targets.

And, to think we were so naive as to think the government agencies getting billions in funding were working on ways to stop this stuff.

WhiskersInMenloJune 11, 2014 9:48 AM

One thing I often forget to do is praise Comcast
for making virus software a "free" (no additional charge)
part of their internet service package. They do
enough wrong that remembering is often difficult.

Sadly the need for anti virus software is in part a responsibility
that MS must own. They could address it but partly because
there is an anti-virus industry and any move to eliminate this
industry by being a responsible OS designer is seen by some
as monopolistic. That and they are not responsible internet
citizens. :(

If large ISPs were to offer regionally different anti virus packages
modern big data tools might quickly ID new threats and address them
in 0.5 days. Today there is a mono culture of tools which is bad.

Removal tools, blocking tools....

Tim KeatingJune 11, 2014 11:54 AM

You know, we should write a botnet that invades peoples' machines and installs antivirus software on it. Like malware in reverse.

SpellucciJune 11, 2014 11:55 AM

@WhiskersInMenlo, I use MicroSoft Security Essentials as an antivirus package, MicroSoft Malicious Software Removal Tool (MRT) to remove malware, MicroSoft RootkitRevealer to look for rootkit software, and MicroSoft Windows Defender Offline to identify and remove rootkit and other infections. All are free.

AndrewJJune 11, 2014 7:18 PM

Not a big fan of the updated home page not displaying the full text or the comment count. Hoping this is not permanent..

anymooseJune 12, 2014 12:06 PM

Denial of service attack (part 2)
Posted on June 12, 2014 by @feedly
7:26am PST: We are currently being targeted by a second DDoS attack and are working with our service providers to mitigate the issue.

As with yesterday’s attack, your data is safe. We apologize for the inconvenience and will update this blog post as more information is available or the situation changes.



marathonJune 13, 2014 6:39 AM

And Feedly is down for a 3rd day in a row! Something doesn't seem right about their explanations though - they mention ransom. Could this be ransomware installed on their server? It also sounds like they use shared hosting, which if true is pretty amatuer. Anyway doesn't the ransomware exploits in the wild entail something like encrypting the data on hard drive(s)? I find it hard to believe that a capable ISP and CloudFlare wouldn't be able to mitigate a DDOS attack pretty promptly and permanently. As a paying customer, I'm obviously not too happy about this being that it's happened 3x in a row.

What does everyone else think?

DougJune 13, 2014 2:29 PM

@Josh Hardin

Maybe someone had a thing for the golem story where the golem had EMET written on its forehead. Maybe there is a built in kill switch in the software that disables the whole toolkit.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Resilient Systems, Inc.