StormPay Slammed by DDoS Attack

Hackers Attempt to Extort Money from Online Financial Services Companies

February 10, 2006 - StormPay, an Internet payment gateway for online auctions and other e-commerce sites, is fighting its way back after a severe Distributed Denial of Service (DDoS) attack. The attack was delivered with the intent of extorting money from the company. The attack was so large that the company's Domain Name System (DNS) servers could not keep up. When the servers failed, the whole website was brought down for most of the weekend.

The hackers used a DoS amplification attack, employing a botnet to send huge volumes of requests to other DNS servers. These DNS servers saw the requests as coming from the StormPay servers and sent their replies back to StormPay like a flood. Because the DNS response is larger than the request, the attack is amplified when it hits the victim's servers.

StormPay processes over 40,000 transactions per day. Because of the attack, service to the company's clients was lost or degraded for more than two days. At peak times, the load on StormPay servers was as high as 6 gigabits per second.

Source: Netcraft

About Secure64 Software Corporation
Secure64® is a software developer providing highly secure DNS and server applications with built-in denial-of-service protection features to help ensure your Internet-dependent business is always accessible. Based on the genuinely secure SourceT® microOS, Secure64 DNS remains highly available during network attacks and is immune to compromise from rootkits and malware.

DNS Security News Index