Topic: BitPay.com is online - page 2. (Read 9022 times)
Just as a said note, I bet if the botter is not a large corp, I bet their paying in bitcoin's for the service ha ha ha ha ha
That's what it was! Sorry, I knew I read it somewhere, just for looking:
http://www.zdnet.com/blog/security/study-finds-the-average-price-for-renting-a-botnet/6528
http://www.zdnet.com/blog/security/study-finds-the-average-price-for-renting-a-botnet/6528
Is $20/min accurate for what it would cost to buy a DDoS of this scale?
It depends. Reading the cloudflare article, it appears as though there are ways to DDOS that are [virtually] free, one of which is DNS reflection. If DNS reflection is used heavily in this case, it might be relatively cheap to keep the DDOS going.My personal suspicion is that it is a ransom (despite bitpay's statement to the contrary), just because the timing is too coincidental with the walletbit DDOS. The DDOS's on both started at the same time.
One user in the comments who claims familiarity with botnets says a typical rental rate for one of this size might be $1/second. (he specifically mentions $30/30 seconds).
No more, if I remember right the article said something around $30 for 30 seconds. So $60 a min. would be more like it if that is correct. But if your buying 4 days worth they probably gave them a discount 
ha ha ha
ha ha ha 
Is $20/min accurate for what it would cost to buy a DDoS of this scale?
After seeing the 65gbps.. Far out, thats one impressive attack... And its not a normal attack...?
A normal attack is about 10
Maybe 20 if they hate you with a passion only an ex-lover could muster up 
Just heard from a source that a little monkey in paypal threw his toys out of his cott when bitpay hit 1,000 merchants.
Maybe you have a big pissed off billionaire paying some russian to ddos?
After seeing the 65gbps.. Far out, thats one impressive attack... And its not a normal attack...?
Maybe you have a big pissed off billionaire paying some russian to ddos?
After seeing the 65gbps.. Far out, thats one impressive attack... And its not a normal attack...?
This is REALLY crazy!! 
We will get it fixed. The right solution is a network of private servers with proxies and DDOS protection for everything. This will take time to deploy properly.
For large merchants, we would consider installing their own instance of bitpay for their payment processing. This is something we could offer as a premium service.
This has made us think of ways to make our service more decentralized and more robust. I agree that someone is trying to attack bitcoin and slow down its rapid adoption.
If we can solve this attack issue, I think everyone will be glad it is now when we have 1,000 merchants and not a year from now when we have 10,000 or more and we're doing $1M/day in processing.
For large merchants, we would consider installing their own instance of bitpay for their payment processing. This is something we could offer as a premium service.
This has made us think of ways to make our service more decentralized and more robust. I agree that someone is trying to attack bitcoin and slow down its rapid adoption.
If we can solve this attack issue, I think everyone will be glad it is now when we have 1,000 merchants and not a year from now when we have 10,000 or more and we're doing $1M/day in processing.
Though to be honest I am very unhappy with not being able to use my payment system and no communication from the company I do understand priority, especially with a 65Gbps attack, MY GOD!!! I am still an unhappy customer, but priority comes first some times. With us when a server goes offline the customer just want's their site back up, while we're still trying to figure out why it went offline and save data. So I do understand but am still a bit of an unhappy customer. Maybe instill a company policy of when there are problem's like this, send out a mass customer email, that's what we do. All our customer's got emails when we couldn't do bitcoin payment's anymore using a mass mail program. Just a thought.
I cannot do the API configuration (Not I do not agree with us having to do it but again priority) because bitpay.com is still offline and I cannot get in to get my Key
so we cannot reconfigure the script yet for this reason. But from what I can tell it's just a single edit, change from SSL to HTTP Auth with is a header field, real quick and simple if we could get in 
In our case we do offer CC payment's, so if a customer needed to pay before we got our own system up 3 hours ago they could have real simple using CC.
My theory is it's not a regular attacker, who has that money to attack for 72 hours at 65Gbps? We're talking something around $20 a min. here in cost or more! My personal opinion is it's Paypal or Visa going after you guys, but that's just my theory. They are the only ones looking to gain from this. Any other attacker no matter what the ransom it wouldn't pay their cost of running that big of an attack for 4 days. Plus if you don't pay and they are busted they just lost their money for the attack ha ha ha
So it's gotta be a big corp doing it that stands to gain from you going down and Bitcoin's being hurt.
I agree with the private IP routing, that would actually work.
I cannot do the API configuration (Not I do not agree with us having to do it but again priority) because bitpay.com is still offline and I cannot get in to get my Key
so we cannot reconfigure the script yet for this reason. But from what I can tell it's just a single edit, change from SSL to HTTP Auth with is a header field, real quick and simple if we could get in In our case we do offer CC payment's, so if a customer needed to pay before we got our own system up 3 hours ago they could have real simple using CC.
My theory is it's not a regular attacker, who has that money to attack for 72 hours at 65Gbps? We're talking something around $20 a min. here in cost or more! My personal opinion is it's Paypal or Visa going after you guys, but that's just my theory. They are the only ones looking to gain from this. Any other attacker no matter what the ransom it wouldn't pay their cost of running that big of an attack for 4 days. Plus if you don't pay and they are busted they just lost their money for the attack ha ha ha
So it's gotta be a big corp doing it that stands to gain from you going down and Bitcoin's being hurt.
I agree with the private IP routing, that would actually work.
Bitpay will emerge stronger from this one stronger and harder to attack.
That which does not kill you, makes you stronger.
If this doesn't apply to any activity on the Internet, then it can't apply to anything.
Top 5%? Are you guys the ones that are being hit with the 65Gbps?
http://blog.cloudflare.com/65gbps-ddos-no-problem
http://blog.cloudflare.com/65gbps-ddos-no-problem
That would be us, yes. Steve is in touch with them on a regular basis. This botnet attacker is just relentless.
How does this mesh with the end of the article?
Quote
What was fun to watch was that while the customer under attack was being targeted by 65Gbps of traffic, not a single packet from that attack made it to their network or affected their operations. In fact, CloudFlare stopped the entire attack without the customer even knowing there was a problem. From the network graph you can see after about 30 minutes the attacker gave up.
Why dont you set up a host of private IPs for your customers to use to process payments? I might be missing something, but let the criminal DDoS your public site all he wants, if he doesnt know the IPs your customers use, then the impact should be minimal, no?
Top 5%? Are you guys the ones that are being hit with the 65Gbps?
http://blog.cloudflare.com/65gbps-ddos-no-problem
http://blog.cloudflare.com/65gbps-ddos-no-problem
That would be us, yes. Steve is in touch with them on a regular basis. This botnet attacker is just relentless.
How does this mesh with the end of the article?
Quote
What was fun to watch was that while the customer under attack was being targeted by 65Gbps of traffic, not a single packet from that attack made it to their network or affected their operations. In fact, CloudFlare stopped the entire attack without the customer even knowing there was a problem. From the network graph you can see after about 30 minutes the attacker gave up.
Top 5%? Are you guys the ones that are being hit with the 65Gbps?
http://blog.cloudflare.com/65gbps-ddos-no-problem
http://blog.cloudflare.com/65gbps-ddos-no-problem
That would be us, yes. Steve is in touch with them on a regular basis. This botnet attacker is just relentless.
Top 5%? Are you guys the ones that are being hit with the 65Gbps?
http://blog.cloudflare.com/65gbps-ddos-no-problem
http://blog.cloudflare.com/65gbps-ddos-no-problem
our site is under a massive DDOS attack, has been for 4 days now, and our DDOS protection service says it is massive, in the top 5% of attacks they see. Someone is very, very determined to knock out bitcoin and bitpay right now.
Our site will be up when the attacker stops, or when we keep adding enough firewalls to block all of the botnets.
Once we add the firewalls up, the API and all of the plugins will need to be reconfigured. We can only do one thing at a time. First thing is to stop or block the attack. We can't get to steps 3 and 4 until that is done, otherwise its a waste of time.
There are other bitcoin payment solutions out there, or you can build your own.
Our site will be up when the attacker stops, or when we keep adding enough firewalls to block all of the botnets.
Once we add the firewalls up, the API and all of the plugins will need to be reconfigured. We can only do one thing at a time. First thing is to stop or block the attack. We can't get to steps 3 and 4 until that is done, otherwise its a waste of time.
There are other bitcoin payment solutions out there, or you can build your own.
Is there any indication where this is coming from or why they are doing it?
Are they asking for a ransom?
our site is under a massive DDOS attack, has been for 4 days now, and our DDOS protection service says it is massive, in the top 5% of attacks they see. Someone is very, very determined to knock out bitcoin and bitpay right now.
Our site will be up when the attacker stops, or when we keep adding enough firewalls to block all of the botnets.
Once we add the firewalls up, the API and all of the plugins will need to be reconfigured. We can only do one thing at a time. First thing is to stop or block the attack. We can't get to steps 3 and 4 until that is done, otherwise its a waste of time.
There are other bitcoin payment solutions out there, or you can build your own.
Our site will be up when the attacker stops, or when we keep adding enough firewalls to block all of the botnets.
Once we add the firewalls up, the API and all of the plugins will need to be reconfigured. We can only do one thing at a time. First thing is to stop or block the attack. We can't get to steps 3 and 4 until that is done, otherwise its a waste of time.
There are other bitcoin payment solutions out there, or you can build your own.
Im not trolling, im a very pissed off business owner that cannot take payments from clients.
Clients are looking at us like fools.
I think im entitled to be fairly annoyed - No support, being told to recode the API myself??
And Bitpay takes a percentage from our profits...... Im not willing to give the company that benefit after this.
Sorry BitPay, but while shit hits the fan you have to keep your clients INFORMED. Leaving merchants with API's just hanging there is not acceptable.
Clients are looking at us like fools.
I think im entitled to be fairly annoyed - No support, being told to recode the API myself??
And Bitpay takes a percentage from our profits...... Im not willing to give the company that benefit after this.
Sorry BitPay, but while shit hits the fan you have to keep your clients INFORMED. Leaving merchants with API's just hanging there is not acceptable.
Bitpay will emerge stronger from this one stronger and harder to attack.
Jump to: