It is increasingly becoming popular to put pressure on media and target journalists personally once those with power and money do not like what is being said or written. Trump’s notion of rigged system and spoiled mainstream media makes it even easier for the oppressors. It seems that some businessmen from Ukraine followed the call.
Gifts were packed, tickets checked, greetings cards were sent. Everything seemed to be ready for a vacation. Then enlightening came: I have to check the spambox. Never follow those sudden impulses. But what’s done is done – I’ve opened the Gmail.
On the eve of the Christmas our spambox which is usually loaded with sensational penis-enlargement pills and late Congolese princes wills contained at least two outstanding letters. One of it came from the entity which prefers to be named «Sara Sellys». No, really, here it is:
«Kill this piece or we’ll kill your site» suggested the message. «Everything will be ok, if you do it right now». Perhaps coma was excessive, no? «Be sure — continued Sara — in other case ur site will suffer».
Common, those who got killed do not suffer. Ask anyone (s)killed enough.
Pakistan? India? Nope. Someone from the Eastern Europe… That’s for sure.
Soon the DDOS started. It is I was informed that it was started by hosting provider. The statement said: «You don’t have to do anything». They are killing my site and I have nothing to do with it? Somebody at the hosting company just will take care of the Sara’s efforts? How unfair! Please, please let me confront the l33t hax0rz from the Ukraine!
The bots were mainly Ukrainian with addition of Russian and Moldavian IPs. The attack itself was narrow-band, old school, boring and dull. Hax0rz managed to render the site to 520/522 error for the period of 10 minutes. The IP pool was no more then forty thousands thick. They changed the target three times, with no effect:
- First they streamed bots to the target URL. As it was cached it was very ineffective. I suppose that it was just the way to show us what exactly they want from us to do.
- Second wave came as pingback-verification stream from the WordPress blogs. Our site is also powered by WP. I have disabled this feature and the stream ceased immediately.
- The third kind was an attack to wp-login.php. It was also done by pingbacking. To mitigate it I“ve just temporary disabled the whole admin area. Not this was absolutely necessary. But I have to do something better on Christmas. Sorry Sara, you have failed to entertain me.
And the second outstanding letter? It was closely related to the first. It mirrors the efforts of Sara Sellys in the legal area:
It is not exactly my responsibility to announce the decisions but I will do it myself as anyone else has a better time. Stop this retarded scum and don’t waste your vacations as you attempted to waste mine.
Judging from the letter above it’s easy to guess that entire operation was ordered by Max Polyakov, the owner of Noosphere Ventures and some others dating/flirting/adult entertainment companies in Ukraine. Such a shame that I am not a kind of person to reflect the DOS to the originating web-site, noosphereventures.com.