Several prominent weblogs have been hit with distributed denial of service (DDoS) attacks in recent weeks, as the target list for digital attackers continues to broaden. While some of the attacks appear to be politically motivated, on Monday a DDoS struck one of the blogosphere's most financially successful bloggers.
Australian Darren Rowse confirmed that an outage Monday on his ProBlogger weblog was caused by a DDoS, but provided no details about the attackers or their motives. Rowse gained international attention last year when he revealed that he would make more than $100,000 as a solo blogger in 2005, primarily through earnings from Google AdSense advertising and commissions from affiliate referral programs.
Has the success of professional bloggers made them viable financial targets for professional DDoS attackers? Sites with large volumes of transactions are the primary targets for a cottage industry of digital extortionists using DDoS attacks, usually launched through large botnets of compromised computers. These attacks have previously targeted online betting sites, payment gateways, domain parking services and even online games.
Payment gateway StormPay is recovering from a distributed denial of service attack (DDoS) that has kept its web site offline for much of the past two days. The company, which provides online payment processing for thousands of e-commerce web sites, came back online Friday after a sustained attack that commenced last weekend. The DDoS on StormPay is the latest in a series of attacks on services that allow web merchants to accept credit cards.
The attacks flooded StormPay with up to 6 gigabits a second of data, according to Barrett Lyon, chief technology officer of Prolexic Technologies, which specializes in DDoS defense and is working with StormPay to mitigate the attack. Lyon said the DDoS involved DNS amplification, using bogus DNS requests to cause Internet nameservers to inundate StormPay's web site with traffic. The impact can be seen on the performance chart for StormPay.com:
A dynamically updating performance chart is available for stormpay.com. Netcraft offers a web site performance monitoring service that provides similar charts, along with e-mail alerts when an outage occurs.
The company hosting the Million Dollar Homepage says an electronic attack was responsible for the extended outages earlier today. The distributed denial of service (DDoS) occurred as college student Alex Tew sold the final 1,000 pixels if his innovative ad service in an eBay auction for $38,100. The attack left the milliondollarhomepage.com site unreachable for large portions of the day, as seen in a performance chart for the site.
"The site received a major DDoS attack, and DDoS protection/prevention was not included in the customer's plan," Russell Weiss of InfoRelay Online Systems, Inc. wrote in an e-mail to Netcraft. "That said, we voluntarily took a number of steps to alleviate this attack while working within the appropriate budget." InfoRelay is the owner and operator of Sitelutions, which hosts the Million Dollar Homepage.
Tew has promised to keep the site online for at least five years. The DDoS attacks raise the prospect that operating milliondollarhomepage.com may prove more expensive than Tew originally envisioned. Tew will not be charged for any additional bandwidth consumed by the attack. But as Weiss noted, defense against DDoS attacks is typically a paid service not included with basic hosting accounts.
The Million Dollar Homepage was unavailable for an extended period early today, as huge publicity accompanied the completion of Alex Tew's novel online advertising service. Tew, a 21-year-old UK college student, sold the final 1,000 pixels for $38,100 in an eBay auction that closed Wednesday, netting Tew a total of $1,037,100 in total ad sales. The winner of the auction has not yet been announced. Tew launched the site in September to pay his college expenses, offering 1 million pixels of ad space at $1 a pixel.
The gimmick has paid off in huge web traffic. Milliondollarhomepage.com has received up to 500,000 unique visitors per day, and uses up to 200 megabits per second of Internet bandwidth, according to its host, Sitelutions. The Million Dollar Homepage is scheduled to remain online for five years, and appears to now be back online after several hours of downtime, which can be seen in this performance chart:
A dynamically updating performance chart is available for milliondollarhomepage.com. Netcraft offers a web site performance monitoring service that provides similar charts, along with e-mail alerts when an outage occurs.
The official web site for the MacWorld Expo was bogged down by heavy traffic today as Apple CEO Steve Jobs took the stage at the Moscone Center for his annual keynote address. In a repeat of last year's keynote, the crush of surfers eager for details on the latest Apple products slowed macworldexpo.com to a crawl. The site was knocked offline Monday night, apparently from traffic chasing the latest rumors about new product unveilings. On Jan. 3 the site (which ironically is powered by Windows Server 2003) was shifted to new hosting digs at Level 3, perhaps in anticipation of heavy traffic during the annual MacWorld show.
Mac enthusiast sites adapted their sites to manage the extra traffic, as the Mac News Network went to an all-text, ad-free page as it live-blogged Jobs' speech.
A dynamically updating performance charts are available for the www.macworldexpo.com site.
The shared bookmarking site del.icio.us was offline Monday as it struggled to recover from a data center power outage several days earlier. The downtime at del.icio.us was the latest in a series of outages for services that are widely used by bloggers. The TypePad blog hosting service was unusable for most of Friday, while the popular web-based RSS reader BlogLines was offline Monday as it shifted equipment to a new data center operated by its parent company, Ask Jeeves.