All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Quick update about our outage
jordynegen11
Member
Hello all,
I want to give you a quick update about our outage this night (local time)
We received a letter per mail ([email protected]) that we had to transfer some bitcoin or we will be victim of a DDoS attack. After that we received a DDoS attack of at least 90Gb/s
Dear Finalhosting,
These demands are aimed at FINALHOSTING
x.x.x.x/xx
x.x.x.x/xx
x.x.x.x/xx
As you have noticed, you have recently been victim of a ddos.
To prevent FINALHOSTING disruptions in the future, please deposit 0.03525 BTC(bitcoin) > > (250 EURO now) to the following address:
--> 1Br6yD6hnwsUcgYP24S57PQGbnRiGAy2C8 <-- Please, do not make this public. This will create copy cats! Payment is required before 22 May 2019 23:00:00 CEST You have almost 25 hours to meet my demands! --> Please confirm that you have seen this e-mail to establish a communication channel. > > <--- If no response/payment is given, DDOS will happen at random times today. If no payment is made before the above deadline, the ransom will increase! After payment, you will never hear from me again and the attacks will stop. There is no other way to restore infrastructure! You can respond to this ticket by simply replying to this email or through the admin area at > the url below.
So let's be clear: We don't pay anything in any case. We will continue to find a solution.
Today we will check if this lunatic stopped his attack for good. if not, we have a backup plan already in place.
We apologize to all customers who are currently experiencing downtime, you will be compensated later.
For more information and updates you can follow our twitter: https://twitter.com/Final_hosting
Comments
Best to not make it super public because that's usually one thing that ransom attackers want.
@Francisco are those the ones who hit you last time? Anyway, good to see hosts not negotiating with the bad guys
We have been approached by other providers here, NOTE that this has happened to them too.
The good parts were that your status page remained available during the attack and I was actually able to find out what was happening from your online chat.
Best wishes for surviving the extortion attempt.
Perhaps consider hosting you client panel and main site external to your network, or at-least putting a page up on your domain.
If it's the same attacker thats been going around then you may be in for a long term issue.
update:
So right now all DDoS protected VPS servers are UP. We installed a dedicated line for those VPS servers.
Today we will migrate all servers to our DDoS protected network and all VPS servers will get a second (temporarily) IPv4 address.
We will first get our site back up now.
Yeah, we've had this happen too. ~100Gbps. They started with our website, and moved on to scanning our subnets and attacking them. Fortunately our DDoS protection didn't allow anything to go down for more than 2 minutes. You definitely can't pay them. They'll know you're an easy target and come back again at another time demanding more.
I've had something similar aimed at me. They took me down for 25 min, then I kicked up filtering. The person harassed me for a week, then gave up.
Not a penny for ransom, a million for defense.
Waiting on some movie to be made where these fuckers get what they deserve. John Wick style.
@jordynegen11 Don't pay the attacker anything, you will be recurrently victimized. Have in mind that attacks cost the attacker too. Just invest in mitigation resources and face the attack head on.
Not necessary, I talked to people, who had a 10Gbit backbone.
That was a while back, he told me:
"We have a 10Gbit backbone, we could DDoS anyone we like to DDoS and if they ask, we just tell them a costumer abused his vps and the issue is solved"
Some people just have these resources, of course it costs something but for some it costs nearly nothing.
Sometimes they even use AWS or Azure trial accounts, just check if the attacks last longer then 5 minutes if no its likely some free cloud shit.
What's the going DDOS rate on the Darknet?
10 gbit these days is not much of a ddos I thought. And do they really let you spew that much from an aws trial account?
Not sure if you get 10Gbit from cloud trials, but as I heard it wont last longer then like 5 minutes because then at least they take notice and kill it off.
You should not be able to launch the 10G large instances on AWS trial at least, they asked me to fill out limit increase request forms (default limit = 0 for many instance types) even off trial
I am one finalhosting customer and i clearly say "It's OK, @jordynegen11 you did the right thing not giving in".
Sooner or later those pieces of shit will be found and put into a cell with the lock welded.
You can use theses 10G for amplification and make it become 30-40G.
I imagine these people come from countries where law enforcement is poor.
I imagine these people come from countries where law enforcement is in on it.