430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

German encrypted email service Tutanota suffers DDoS attacks

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. The company currently has over 2 million users, some of them were not […]

German encrypted email service Tutanota suffers DDoS attacks

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later.

Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers.

The company currently has over 2 million users, some of them were not able to access the service for several hours.

The first DDoS attacks targeted Tutanota on the weekend before September 14th, following the attacks a few hundred users were not able to access the service. The company quickly mitigated the attacks by restricting an “overreacting IP-block” responsible for the attack.

“This weekend continuous DDoS attacks and an infrastructure issue led to donwtimes for hundreds of users. While we were able to mitigate most of the DDoS, an overreacting IP-block to fight the attacks led to hundreds of users not being able to access Tutanota for multiple hours this Sunday. ” reads a blog post published by Tutanota.

The company explained it has enhanced anti-DDoS measures which should make it quicker to such kinds of attacks in the future.

“We are now able to mitigate most attacks within short times,” continues the post.

In the second wave of attacks, threat actors hit the DNS provider which hosts records for Tutanota, instead of the company servers.

“After multiple direct attacks on Tutanota, the attacker yesterday aimed at two providers that host the Tutanota DNS records.” reads a second post published by the German company.

“As a result these providers went down. We quickly tried to update our DNS records and host them at another provider. This did not work initially because the DNS entries got locked at one of the DNS hosting providers.”

Due to the DDoS attacks, the DNS providers were down and the company was not able to change the DNS entries for its domain. Millions of users were not able to access their Tutanota accounts.

“While we were moving another domain to a different registrar, our tutanota.com domain got unlocked again. We then registered our domain on a third, more robust DNS hosting provider that is able to hold against the ongoing attacks.” continues the post. “We have updated our DNS records, and universal access has finally been restored Thursday morning around 7:30 CET.”

The company explained that due to the intermittent outages several emails sent to its users may have not been delivered.

Tutanota confirmed that no user data was compromised following the attacks, it also added that it is still suffering accessibility issues.

“Issues that are remaining now are caused by caching and propagation: Each DNS server does not ask for the next update, until the old DNS entry expires. Some servers cached old nameservers during the time that our domain was locked.” concluded the post.

“This is the reason why Tutanota is still not accessible for some users, even though our status page says that everything is up and running. DNS entries are slowly propagating so that soon all users can access Tutanota again.”

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Tutanota)

[adrotate banner=”5″]

[adrotate banner=”13″]