Namecheap targeted in monumental DDoS attack

The service known for hosting millions of Web sites is the victim of a cyberattack that knocked out connections for domains around the world.

The Web-hosting service Namecheap was hit with what it says was one the largest distributed-denial-of-service attacks "anyone has seen or dealt with."

On Thursday morning roughly 300 domain names hosted by Namecheap were targeted in a DDoS attack -- a common hacker tactic that causes sites or servers to be bombarded with illegitimate traffic. The massive attack likely caused wide-spread connectivity issues among the hundreds of thousands of other domain names using Namecheap's DNS platform.

"Today is one of the days that, as a service provider who strives to deliver excellence day in and day out, you wish you never had," Namecheap CEO Richard Kirkendall and Vice President Matt Russell wrote in a company blog post.

Kirkendall and Russell said they're constantly battling DDoS attacks and almost always can keep them at bay. However, Thursday's attack was too massive to contain.

"The sheer size of the attack overwhelmed many of our DNS servers, resulting in inaccessibility and sluggish performance," Kirkendall and Russell wrote. "Our initial estimates show the attack size to be over 100Gbps, making this one of the largest attacks anyone has seen or dealt with. And this is a new type of attack, one that we and our hardware and network partners had not encountered before."

Just last week, a record-breaking DDoS attack against a CloudFlare customer was reported. At its peak, this attack reached more than 400Gbps, which is 33 percent greater than the previous record-holding attack against Spamhaus last year.

Namecheap rose in popularity in 2011 when it promoted a "move your domain" day in protest of its rival GoDaddy supporting the US government's SOPA copyright bill. In the face of the protests, GoDaddy withdrew its support for the bill.

In 2009, GoDaddy itself was the victim of a DDoS attack. During this hack, several thousand Web sites went dark for several hours. Blog hosting service WordPress has also been hit with DDoS attacks. In 2011, the service experienced a massive attack that brought connectivity issues to millions of blogs.

As for Namecheap, Kirkendall and Russell said the attack is now under control and 99 percent of their servers are back to normal. No individual or group has yet claimed responsibility for Thursday's attack.

Updated at 5:55 p.m. PT to clarify the number of domains affected by the DDoS attack.

Tags:
Security
About the author

Dara Kerr is a staff writer for CNET focused on the sharing economy and tech culture. She grew up in Colorado where she developed an affinity for collecting fool's gold and spirit animals.

 

Join the discussion

Conversation powered by Livefyre

Show Comments Hide Comments
Latest Galleries from CNET
10 gloriously geeky highlights from 2014 (pictures)
Busted! CNET readers show us their broken devices (pictures)
Take a closer look at the BlackBerry Classic (pictures)
Scout is big on custom home security (pictures)
Your rentable Middle-earth home away from home (pictures)