Author

Topic: ** BitcoinPool.com back online after DDoS attack ** (Read 1343 times)

sr. member
Activity: 252
Merit: 251
Yandex abuse team doesn't give a shit about western companies or people emailing them.

They even have $USD rates on blackhat IRC for which they will let you use
domain ranges and bandwidth for spam, fraud, denial of service or other illegal activity without alerting the authorities or pulling the plug on you

These aren't just individual PC's or infections, they are renting their content crawlers in Ukraine and Russia for high bidders.

http://webhosting.bigresource.com/Should-I-block-Yandex-IMB0TFDV.html
member
Activity: 83
Merit: 10
Glad you guys have this under control and glad you keep your users informed. Your transparency is appreciated. Smiley
full member
Activity: 140
Merit: 430
Firstbits: 1samr7
It sure wasn't down for long, I saw less than an hour of downtime.  Kudos on the quick response, Fairuser.
sr. member
Activity: 1344
Merit: 264
bit.ly/3QXp3oh | Ultimate Launchpad on TON
As many of our user's have noticed service has been less than good the last few days.  This was caused by a DDoS attack.  We have managed to get control of the situation by notifying hosting providers and blocked several thousand IP addresses in several dozen class C networks.

The main Russian ISP that the attacks were coming from is Yandex LLC.  When we blocked the attackers IP address or an entire class C network, within minutes the attacker would be using a different address in a completely different class C network.  After doing this song and dance for several hours, we realized that it was mostly coming from Yandex and sent off an e-mail to their abuse address.  We haven't received a response from them, so we took drastic action and blocked every IP address owned by Yandex.  After blocking Yandex, everything seems to have returned to normal.  If you are a user in our pool coming from this network, please PM me your IP address and I will white-list it.

We'd like to apologize to our users for the inconvenience of this attack.  We're keeping a close eye on logs and traffic analyzers to monitor for any new attacks so we can block them before they disrupt the pool any further. 

Thank you for your understanding and tolerance for the situation, we appreciate it.

Best Regards Smiley

Jump to: