D-DoS Attacks Upon vBulletin.com
From Friday October 31st, vBulletin.com has been the target of distributed denial of service attacks originating from a person intent on extortion. Friday evening, Saturday and Sunday night saw massive attacks that were sufficient in size to cripple an entire sub-net of our hosting provider's network, and filled the connecting pipes with 150mb/s of incoming junk traffic.
Having refused to meet the demands of the attacker, on Wednesday at around 18:00 GMT the attacks were resumed after two relatively quiet days, causing vBulletin.com and all other sites hosted on this server to go offline again. However, after communication with WorldPay, who have also suffered DDoS attacks this week, we had a list of IP addresses known to be zombie computers. These IP addresses were blocked from reaching the server, along with any other IPs that looked to be attacking. By 21:00 GMT the attack had been blocked to a point where vBulletin.com became available to visitors once again.
An unfortunate side-effect of blocking large ranges of IP addresses is that many legitimate customers may currently be blocked from reaching vBulletin.com. We are working to resolve this as soon as possible, and extend our apologies to any customer who is unable to reach us. At this point we can only say that it is better for a small percentage of customer to be unable to gain access than for no customers to be able to do so. Normal service will be resumed as soon as possible.
We have gained considerable knowledge about our attacker through various means, and we are coordinating with our hosts, the FBI in the US and the NHTCU in the UK in order to persue him and remove his means of attacking us.
