Two days after Fiverr removed listings from its website that advertised so-called "stresser" DDoS-for-hire services, the company's website suffered a six-hour long DDoS attack.
Fiverr hit by nonstop DDoS attacks after removing illegal adverts
Last week, a security research firm had discovered that hackers were offering DDoS services for as low as $5 on Fiverr. Fiverr, a marketplace for digital services, is renowned for offering services at low price tags, but no one had imagined the site was being used to offer illegal services. Advertised as "stresser" services to test the resilience of your own servers and website, the security firm Incapsula found out that hackers were willing to offer a network of enslaved botnets to a buyer for launching DDoS attacks against any website they want for just $5.
“Honestly, you [can] test any site. Except government state websites, hospitals,” was the response they [researchers] received from one of the freelancers. Fear of government aside, it goes to show how easy it is to hire DDoS services, and that too for just $5.
After reporting to Fiverr, the online marketplace removed all those adverts claiming to offer DDoS-for-hire services.
Fiverr later on removed these so-called stresser providers, which also confirms how easy it is to get rid of these organic viruses.
While that is a good news and shows the promptness of the company, Fiverr had to face a backlash for this decision as the site went down for almost six hours. The incident took place on Friday, when the company admitted the issue on its Twitter account. While Fiverr didn't confirm if it had to deal with DDoS attacks, many have speculated that the hackers were retaliating for being kicked out of Fiverr.
Fiverr has been down for 5 hours. Looks like the DDoS services they kicked out from Fiverr are now retaliating? https://t.co/FXV2TWkYOd
— Mikko Hypponen (@mikko) May 27, 2016
The decision evidently backfired for Fiverr as it suffered a massive DDoS attack. The site was back up after some 6 hours, and remains up and available to public.
- More in security: LinkedIn Hacker is Now Selling 65 Million Tumblr Passwords, Stolen in 2013
