InfoSec News & Investigations

ProtonMail targeted by a large DDoS attack

ProtonMail, the secure encrypted email service in Switzerland have been having  bad time recently.

protonemaillogo

ProtonMail, an encrypted email provider, has been coerced into forking over 15 bitcoin (the equivalent of $6000) by hackers who targeted the provider with a sustained DDoS attack that started on Nov. 3.
ProtonMail was launched by researchers at the CERN lab in Switzerland and MIT, marketing itself as an “NSA-proof” email solution with the simplicity of Gmail, according to a report by Forbes.
I have my own account on ProtonMail and I like what the guys are doing there, the encrypted function works really well. So well in fact it seems to be annoying advanced players in the hacking game. Resulting in a DDoS against the company. This attack was quite unprecedented in size and scope , its believed to hit the 100 GB/s mark.
Its understood that the attack that started was only targeting ProtonMail, they paid the ransom and then the attacks continued. The original DDoS claimed this wasnt them anymore and a 2nd DDoS attack was taking over.
The cope of the second DDoS took down the Data Centre along with other companies hosted there, including some banks and also the ISP was targeted. They were now attacking the data center and routers in Zurich, Frankfurt and other node locations of its ISP.

Someone isnt happy with this secure mail platform as the mail is not able to be decrypted. Something the NSA and GCHQ have been moaning about for a while.

As a result, ProtonMail is relying on crowdfunding to help cover the cost of the DDoS protection. The campaign, created on GoFundMe on Thursday, has raised $5,291 of its $50,000 goal in the first four hours of its campaign.

The latest tweet as of time of post is below, seems the attack is still continuing.

 

The founders of ProtonMail spoke to the Guardian Newspaper. They said:

ProtonMail is headquartered at the European Organization for Nuclear Research, or Cern. It has become widely known in the US since its appearance on popular USA network drama Mr Robot.

“We are still poring over the evidence and will be working with the Swiss federal cybercrime unit,” ProtonMail co-founder Andy Yen told the Guardian, adding that the source of the second attack had not yet been conclusively determined. Yen also said that he knew of “several dissident groups who are actively using ProtonMail”, and are based in countries known for hacking attacks.

“But we know after speaking with the experts that came to our aid that there are few groups capable of carrying out an attack of this size and sophistication. This is likely the biggest and most sophisticated DDoS attack to ever occur in Switzerland,” Yen said.