RSS feed reader Feedly and note-taking service Evernote have all faltered, at least briefly, on June 11th, 2014, as hackers took down each service in separate incidents. Both Evernote and Feedly, two services that work together, confirmed they suffered DDoS (distributed denial of service) attacks. Tweet management Tweedeck was forced to go offline to fix a bug on its software.
DDoS attack is to make a site unavailable to users by interrupting or suspending the target from connecting to the internet. Feedly confirmed this on its blog post, and also said that hackers were holding the site up for ransom.
Though both attacks were able to take these two services down, Evernote and Feedly have each released statements assuring users that their data is not in jeopardy.
By utilizing a massive network of private computers infected with malicious software, a DDoS attack can temporarily shut down website. Although the attack rarely causes any long-lasting damage, and is relatively useless for hacking into sensitive user data, DDoS can cause much trouble to a service that is dependent to the internet.
DDoS attacks by flooding the service and/or attacking the service to make it temporarily unavailable. But usually, DDoS issue tends to resolve itself when the sudden influx dies.
"The attacker is trying to extort us money to make it stop," said the Feedly's blog post signed by CEO and co-founder Edwin Khodabakchian. "We refused to give in and are working with our network providers to mitigate the attack as best as we can."
Feedly that gained its popularity after Google announced the closure of its reader service, said that it's working "in parallel with other victims of the same group and with law enforcement."
"As is the nature of DDoS attacks, there was no data loss, and no accounts were compromised," said the post.
Evernote restored its service within five hours after the attack, with a few hiccups as it resolves itself from the attack. Few hours later, Feedly successfully upgraded its infrastructure and restored its service back to normal.
The inconvenience were continued by words spread that said flaws had been discovered in Twitter's management service TweetDeck. Users of the service were urged to log out until a fix was put in place. A bug in the code allowed hackers to flash pop-up windows with messages. Some Twitter users also inadvertently retweeted a post containing a string of code.
Using a vulnerability known as cross-site scripting (XSS), hackers were able to insert code into certain tweets, which could then compromise a user's account. At the moment of the attack, many users complained that the exploit was causing accounts to retweet a message without the users’ permission.
A Twitter user that decided to show just how effective the TweetDeck exploit was, posted a tweet that automatically retweeted itself. Hours later, that message had been retweeted more than 80,000 times.
Twitter, which acquired TweetDeck in 2011, said it fixed the problem in a few hours. Twitter had to take TweetDeck offline temporarily as it implemented the fix. Later in the day, the company said it had verified that the solution worked, and restarted the service.
Cybercriminals have discovered more powerful ways to attack a web service by exploiting internet protocols such as DNS, NTP and even SNMP which allow themto carry out more sophosticated DDoS attacks with the use of a little skill and relatively small amount of resources.
Feedly's decision to not pay the ransom is a way to discourage cybercriminals to carry out more of such attacks.