Extortion DDoS targets multiple email providers

At least six email service providers have been hit by a large distributed denial of service (DDoS) attack this past week.

The attacks have hit Thexyz (a privacy-first email provider based in Canada), Posteo (a secure email provider based in Germany), Runbox (a Norwegian-based email service), and Fastmail (a privacy-first email provider based in Australia).

We have published a statement regarding the recent DDoS attacks against Runbox and other email providers.https://t.co/K0GHZLTmBm

— Runbox (@Runbox) October 23, 2021

“We received extortion notice and demand for Bitcoin to avoid a DDoS,” Thexyz said in an announcement post earlier today.

“We have received these extortion attempts in the past and will not pay the ransom demanded. Organizations must not allow themselves to become victims of extortion by criminals under any circumstances,” the Canadian company said.

We’re seeing an ongoing attack against our primary network provider. We’re working with them to block the attack and restore access.”

— Fastmail (@Fastmail) October 22, 2021

While generally overshadowed by the extortion attempts orchestrated by ransomware gangs, threat actors who rely on DDoS attacks to force companies to pay ransom requests are still very active. At the time of writing this, no bitcoin payments appear to have been made as the bitcoin wallets reports a zero balance on the blockchain.