Sorry your browser is not supported!

You are using an outdated browser that does not support modern web technologies, in order to use this site please update to a new browser.

Browsers supported include Chrome, FireFox, Safari, Opera, Internet Explorer 10+ or Microsoft Edge.

Geek Culture / TurboSquid Attacked by Botnet Extortionists..Doesn't Give Into Demands and Fights Back!

Author
Message
JLMoondog
Moderator
15
Years of Service
User Offline
Joined: 18th Jan 2009
Location: Paradox
Posted: 1st Nov 2013 20:48 Edited at: 1st Nov 2013 20:50
Link
Not sure if anyone else is a TurboSquid artist, but today CEO of TS sent out an email, here's what it read:


Last weekend, TurboSquid.com was the target of a distributed denial-of-service (DDoS) attack as part of an extortion attempt. The attack on the site, which began around 4pm CST on Friday, caused intermittent issues from then through Sunday morning for those attempting to access the site. We want to let you know that no information was compromised and no 3D content was stolen as a result. That wasn’t the intent of the attack.


This attack used literally thousands of computers that were set to make requests at the same time of TurboSquid.com. When that happens, it’s hard to determine the valid from the invalid traffic, and the onslaught is intended to bring firewalls and all networking gear to a point of overload where the site cannot even process requests at all. People refer to these attacking computers as “botnets”, which are usually virus infected computers where the owner has no idea that they are compromised, but that can be commanded by remote.


The attack was run as a ransom, with various threats over time being sent to us. At first they claimed to be an artist that could not get their money, then later claimed to be mercenaries “hired by a competitor”. The goal was to force us to negotiate, and they even used cliches about “how we mean business” and lines out of a movie. They did mean business, though. An ongoing outage that could last for days or a week could cause significant damage, and when they “turned on the flood”, it was quite a flood.


We hired one of the top firms in the world hours after the attack had started, and began locking down our defenses for this magnitude of event. Our team put in massive overtime under an intense, and collaborative battle to protect the livelihoods of so many people. There are a lot of moving parts to TurboSquid, and so during the process some things were fixed while others were broken by the fixes. Because we weren’t sure about giving out information and compromising our position, or whether we could even host a page at all that wouldn’t just get attacked, or whether explaining what had happened would encouraging the attackers more, we faced some unexpected communication challenges.


There is now heightened filtration of the system that runs continuously, and is set to ramp up at a moments notice. It is possible that you might be blocked from the website accidentally. If that occurs, as a TurboSquid artist, we ask that you take the time to help us solve the problem and trace it if has anything to do with these new defenses.


At this moment, would you please check that www.turbosquid.com is functioning correctly for you? You don’t actually even need to login, we just want to make sure that the pages are routing for you in a normal way for searches and basic product page views that are not cached.


For the future, please keep this newsletter in your email because it has links to other areas of the site you can check to see if we put up a DDoS attack message. We will also try to send out a newsletter if things reach such an extreme again to keep you in the loop for what is going on.


Here are some suggestions if the main site is non-responsive:

Try support.turbosquid.com. This site is a hosted service away from TurboSquid and may stay up and be available even when the main site is not working. If there is no information posted there, please initiate a chat session or create a support ticket to let our support team know. Somebody is available 24/7 with only a few exceptions, and all are TurboSquid staff that I know personally, not 3rd party contractors.

If it is during the US workday, call us at +1 504-525-0990 or US toll free 866-915-5050.

Check the TurboSquid Blog to access posts with details and updates.

Check your email. In the future, we will send alerts via email to keep you posted on any issues that may impact a significant number of members.

Look to our social channels. We will post messaging to our own Facebook page and via our Twitter account. During this weekend's outage, our CEO posted updates and discussed the situation with artists via an independent TurboSquid Community page on Facebook. We will rely on our own accounts for future updates to reach as many of our artists as possible.


As you could imagine, many of us had visions of all of us as vigilantes hunting down these folks - with 35,000 artists we have some real muscle! In truth, it is hard to know who is really behind such an attack, and there is not much we can do to other than make sure our own business is secure, and offer to help anyone else who finds themselves in similar need, which we would gladly do.


The best news is that customers waited and were very patient and understanding with us, and altogether it looks like we lost very few sales. October was our best month ever, beating our previous record by 10%. I owe a debt of gratitude to the staff and everyone who helped us, and of course, some real rest and relaxation for those who sacrificed sleep and a bit of sanity to keep it all together.


Regards,

Matt


Now that is a dedicated staff and CEO. I didn't even know attacks like these even occurred! Crazy!

Inmortalis Nox
Back to top
Profile PM Email Website
nonZero
12
Years of Service
User Offline
Joined: 10th Jul 2011
Location: Dark Empire HQ, Otherworld, Silent Hill
Posted: 2nd Nov 2013 21:39
Link
Wow, to think someone would do this to a site helping artists. But yeah, gotta agree that was great responsiveness.

Quote: "I didn't even know attacks like these even occurred!"

All the time, but they usually involve anarchist groups targeting governmental departments or large companies that have done/said something the group finds displeasing.

Back to top
Profile PM Email Website
Back to top

Login to post a reply

Server time is: 2024-05-29 00:01:57
Your offset time is: 2024-05-29 00:01:57