DNS provider hit by 'massive' DDoS attack on Cyber Monday

DNSimple says that it was hit by a ‘massive' DDoS attack, believed to be the work of Chinese hackers, on Cyber Monday.

The Florida-based company revealed on Twitter that it had been targeted by a volumetric DDoS attack overwhelming DDoS defences, and was working with its network provider to restore service.

After first posting it was seeing a ‘system-wide' DNS outage, the firm added: “We are experiencing a massive DDoS. We are working with our network provider to mitigate it. Apologies.”

In a series of posts later on Monday and early Tuesday morning, the firm revealed that it was working with its network provider to mitigate the volume of UDP traffic, including increasing service capacity.

Most servers at data centres were fully operational briefly on Tuesday morning, only for attackers to return to target the US west coast data centre before ‘ramping' up DDoS attacks internationally.

But the firm finally had everything back to normal at 08:17 UTC (08:17 GMT) on Tuesday. The full details of the incident can be seen here.

“We are no longer experiencing a DDoS attack and are performing clean-up tasks to fully bring things online again,” the firm said on Twitter.

Most of the affected websites are smaller publishers, including UK blogs, with independent academia research website The Conversation confirming that there was no access to the site for ‘several hours'.

DNSimple is a hosted DNS service that aims to simplify domain management, offering both a web interface and Apple iPhone application. These can be used for adding and removing domains and DNS records, as well as HTTP API and various code libraries and tools.

The solution integrates with Google Apps, Amazon AWS, WordPress and Microsoft Azure.