Blackmailers try to black out Million Dollar Homepage
Popular pixel ad site comes under DoS attack from hackers who are demanding a ransom to stop, site's owner says.
The Million Dollar Homepage site is battling back a DoS onslaught that has escalated since it began last week, its owner and the site operator said Wednesday. The site, which successfully raised $1 million by selling ad space for $1 per pixel, was launched by British student Alex Tew and gained notoriety for its unique approach to online advertising.
"I can confirm that MillionDollarHomepage.com has been subjected to a distributed denial-of-service attack by malicious hackers, who have caused the site to be extremely slow loading or completely unavailable since last Thursday," Tew stated on his blog.
The blackmailers have demanded a ransom of $50,000, said Russell Weiss, vice president of technical services at InfoRelay, which operates the site.
In a denial-of-service attack, miscreants typically flood a Web server with false requests for information, overwhelming the system and ultimately crashing it.
Attack-related "traffic on the site was sporadic last Wednesday night, but it was significant by Thursday, and it's continued to escalate," Weiss said. "Our third-party analysis has indicated 22,000 to 23,000 hosts are attacking the site, but that's probably underestimated."
As InfoRelay increased the site's resources to battle the DoS attack, the extortionists upped their attack, Weiss said. He said, however, that the site should have a permanent solution to the problem in place within the next few days. The site was online on Wednesday morning.
Tew and InfoRelay are working with the FBI on the case, Weiss added. "There are clues that a Russian group may be involved, but we'll leave that assessment up to the FBI," he said.
Security experts noted that while extortion-based DoS attacks are becoming more common, they usually target e-commerce companies or online gambling sites that stand to lose money for every second their site is down.
"The Million Dollar Homepage can be down for days and it's not as critical, but these attackers knew he had money and went after him," said Mikko Hypponen, the chief research officer at IT security company F-Secure.
InfoRelay has instructed Tew to forgo payment to the extortionists, Weiss said.
"He has been pretty calm throughout the whole time, but he's anxious to get the site under control and deliver what he promised to his customers," he noted.