DDoS on Blue Security Blog Knocks Typepad, LiveJournal Offline
3rd May, 2006
The spam-fighting service Blue Security has been under siege by spammers and digital attackers in recent days. On Tuesday it wound up sharing its pain with a large chunk of the blogosphere. When Blue Security's web site was hit by a distributed denial of service attack attack (DDoS), the company temporarily repointed www.bluesecurity.com to a blog on Six Apart's TypePad service. The DDoS traffic appears to have followed www.bluesecurity.com to its new home, overwhelming Six Apart's network and knocking its TypePad and LiveJournal services offline for nearly eight hours.
LiveJournal hosts more than 1.8 million active blogs, according to its stats page, while TypePad is home to thousands more, including many prominent blogs. In a status advisory, Six Apart said a "sophisticated" DDoS struck at 4 p.m. Pacific time and continued to affect its services until past 11:30 p.m. "This has affected all of Six Apart's sites, causing intermittent and limited availability for TypePad, LiveJournal, TypeKey, sixapart.com, movabletype.org and movabletype.com."
The DNS change for www.bluesecurity.com to an IP address on Six Apart's network (18.104.22.168) was first noted on the North American Network Operators Group mailing list Tuesday night. Internal links on bluesecurity.blogs.com indicate that the blog was configured to operate under the www.bluesecurity.com URL. Further confirmation came from other blogs, including The SunBelt Blog, which linked to a post published early Wednesday on bluesecurity.blogs.com and cited it as appearing on www.bluesecurity.com.
Earlier this week users of Blue Security's anti-spam service, known as Blue Frog, began receiving emails claiming Blue Security's mailing list had been compromised. The company denied the charge, saying spammers were using exisiting lists to intimidate its users. The dispute received coverage on Slashdot, C/Net, The Register, Wired News, MSNBC and the Associated Press.