Plenty Of Fish Hit By DDoS Attack

POF (Plenty of Fish)
  • Tuesday, June 03 2014 @ 07:12 am
  • Contributed by:
  • Views: 1,842

If you tried to access PlentyOfFish on May 20th, you may have run into a major roadblock. The site’s 503 page simply said “The page you are looking for is currently unavailable. Check back shortly!" Behind the scenes of the service outage, something a little more sinister was going on.

Around 7am that morning, POF received a warning of an impending DDoS attack. It isn't unusual for large websites to receive similar threats that turn out to be fake, but in this case the threat was real.

The DDoS (distributed denial of service) attack hit just before 8:15am. Such attacks are launched from thousands of computers around the world that have been infected with malware. Without the owner's knowledge, each computer repeatedly sends false requests to a site until it’s overwhelmed. The initial attacks took down the Plenty of Fish website, followed later by the company’s mobile apps on iPhone, iPad and Android.

POF was quick to note that although the attack was large, it did not compromise anyone's data in any way. “That said,” the POF blog noted, “these requests can overload our servers and can even cause ISP problems, so we quickly worked with our ISP to identify the offending traffic and tried various means to block it.”

Later in the day, another message was sent to POF, this time asking for money in exchange for ending the DDoS attack. POF refused to negotiate, and by 1pm they had successfully blocked the attack and returned all services to normal.

“We’re still on high alert and working hard to respond to attacks like this more quickly in the future,” concluded the blog post about the attack, “but in the meantime I’m happy to report that all of you are back to doing what you do best; sending messages, going on dates, and forging meaningful relationships. Thanks for your patience today.”

DDoS attacks are becoming increasingly popular and increasingly powerful, thanks to new methods being used by attackers. The attack on Plenty of Fish was 40 Gigabits in size, making it much larger than the attack that took Meetup.com off-line for nearly 5 days last month (which was “only” 8 GBps). The list of companies that have been attacked in this manner is increasing all the time, including Basecamp, Vimeo, Bit.ly, and Moz.

The good news is, that although DDoS attacks are irritating for users and even more frustrating for the companies who fall victim, they do not put users’ data in danger.