Here are a couple additional things to note:
- bit-pay.com no longer bounces to bitpay.com (we'll re-enable it when I have more time)
- http://bitpay.com no longer redirects to https://bitpay.com (again, I'll re-enable when I have more time) …you have to go directly to https://bitpay.com
Also, one of the issues that this has created for us is that the old SSL client certificate based method of API authentication no longer works (due to the anti-DDOS proxying of connections). We were planning to keep that method active until all merchants had a chance to migrate. Unfortunately we've not yet had a chance to upgrade all shopping cart plugins to use the new API key based method of authentication. If you're using one of our shopping carts and are unable to process a checkout, send me a private message.
Topic: BitPay.com is online - page 4. (Read 9022 times)
Didn't the attacker state his motives? Is it for money, or what?
We cannot elaborate on any specific information like this. 
Didn't the attacker state his motives? Is it for money, or what?
We have deployed some additional DDOS protection so https://bitpay.com is back online. Not all merchants are able to get through the firewall just yet, but we are working with each one.
Email [email protected] with any issues. Steve cannot access PM on this forum so you will not get through unless you email him directly.
If the attacker steps the attack the site may go down again without warning.
We will be deploying a much more robust system in a few weeks. But this protection may hold us over until that can come online.
Email [email protected] with any issues. Steve cannot access PM on this forum so you will not get through unless you email him directly.
If the attacker steps the attack the site may go down again without warning.
We will be deploying a much more robust system in a few weeks. But this protection may hold us over until that can come online.
How long do you think this will take? Are we talking tomorrow or days? As we count on your servers to process payments we are kind of dead in the water with bitcoins till then unless we pull out manual payments.
This really depends on the attacker at this point…we'll keep trying to bring the site back online and improve our anti-DDOS capabilities as best we can…I expect he'll continue to attack. There's really nothing else we can do. 
How long do you think this will take? Are we talking tomorrow or days? As we count on your servers to process payments we are kind of dead in the water with bitcoins till then unless we pull out manual payments.
That is the beauty of bitcoin. Anyone who wants any of my product can message me here or through my store. I can take your bitcoin myself and verify the payment.
It is less convenient and I hope the attackers are know they are damaging bitcoin by making it appear less reliable.
If Visa/MC is down, I can not take the payment myself without them.
How long do you think this will take? Are we talking tomorrow or days? As we count on your servers to process payments we are kind of dead in the water with bitcoins till then unless we pull out manual payments.
I am still in Europe and Steve is also away.
i would think a payment processing business with a thousand merchants relying on them would do better than allow the situation where not even one principal is available to keep the machines running.
Posted on our blog
http://blog.bitpay.com/
Our site was back online for about 12 hours today. It worked great during the London Conference, then the attacker found a way to defeat our DDOS protection.
I am still in Europe and Steve is also away. We have taken the site offline until we can return home and properly deploy new servers. Or until the attacker gives up and moves on.
http://blog.bitpay.com/
Quote
Starting around 4:00 pm on Saturday September 15, bitpay.com came under a syn-flood denial-of-service attack.
At no time does it appear that any of bitpays servers or databases were ever compromised. All bitcoins and all funds are fully secure and accounted for.
Bitpay will deploy stronger protection against DDOS attacks, but we expect our service to be down for several days. We apologize for this inconvenience.
At no time does it appear that any of bitpays servers or databases were ever compromised. All bitcoins and all funds are fully secure and accounted for.
Bitpay will deploy stronger protection against DDOS attacks, but we expect our service to be down for several days. We apologize for this inconvenience.
Our site was back online for about 12 hours today. It worked great during the London Conference, then the attacker found a way to defeat our DDOS protection.
I am still in Europe and Steve is also away. We have taken the site offline until we can return home and properly deploy new servers. Or until the attacker gives up and moves on.
Jump to: