Social networking site Meetup.com is finally back online today, yet officials at the site are warning it could still face future outages following a series of sustained distributed denial of service attacks (DDoS) over the weekend.
Meetup is a social networking portal that allows individuals with common interests to converse and convene. The 12-year-old site boasts nearly 16 million users who host and attend almost 316,000 meetups a month.
According to a blog post on Monday by Scott Heiferman, the site’s co-founder and CEO, Meetup.com’s “tough weekend” started a day early on Thursday last week, when the first of what would eventually be three DDoS attacks crippled their servers. The site remained offline for about 24 hours on Friday before going down again on Saturday at 4 p.m. Thanks to some security changes the Meetup.com team implemented in the meantime, the company was able to get the site back up by midnight Eastern Standard Time that night to make the service’s apps and site available to users.
After a relatively calm Sunday, the third DDoS attack hit at 8:09 EST that night. With site engineers working feverishly to restore the site’s elements, Meetup popped back online on Monday at 4:30 p.m. EST.
According to Heiferman, the attack was apparently preceded by an email that suggested the DDoS attack could have been mitigated had Meetup.com paid $300:
Date: Thu, Feb 27, 2014 at 10:26 AM
Subject: DDoS attack, warning
A competitor asked me to perform a DDoS attack on your website. I can stop the attack for $300 USD. Let me know if you are interested in my offer.
Heiferman claims the company agreed not to pay the amount, stressing that Meetup didn’t want to negotiate with criminals and set a nasty precedent. The attack started “simultaneously” after.
“Payment could make us (and all well-meaning organizations like us) a target for further extortion demands as word spreads in the criminal world,” Heiferman wrote Monday, adding that if the attackers were simply low-balling them on the $300, the criminals might have just taken their money and then simply demanded more.
While experts agree that Meetup.com’s decision was ethical, some believe the site could have benefited from an established cyber-attack defense plan.
“Long before the demand for cash was made, attackers were likely probing the Meetup service, searching for vulnerabilities and preparing to launch an attack that would do the most harm,” said Ashley Stephenson, the CEO of Corero Network Security, a firm that specializes in DDoS prevention, on Tuesday.
A FAQ posted yesterday by Meetup about the outage assures its users that none of their information was accessed or stolen; the DDoS just made getting onto the site tricky, which in turn made it difficult for the site to do its job: letting Meetup groups actually meet up.
To repay its users, Meetup.com is crediting all users classified as Organizers with seven extra days. Organizers are basically members of Meetup.com who pay a fee to use the service to find like-minded individuals and set up Meetups. The FAQ adds that any Organizers who were supposed to renew their accounts over the weekend but couldn’t, as the site was down, have had their renewal periods extended as well.
While Heiferman claims the company will continue to not pay the hackers, he does promise the site will be “stable and reliable soon.”
Meetup claimed Tuesday it was still working to restore user functionality and working through the email queue.
“It’ll take time,” the group tweeted Tuesday.