Newegg Taken Hostage By Hackers

By Rory Betteridge | 02 Oct 2015

Tech pureplay retailer Newegg was taken down by hackers last night as part of an extortion attempt.

Visitors to the site began to notice problems early in the evening, with customers reporting inability to access the site via Twitter. Newegg shortly acknowledged the issues, and staff were able to put up resistance, but problems continued for hours after.

“Certain IP addresses took longer than others to resolve and customers had issues for about five hours,” Newegg COO James Wu told Internet Retailer.

Wu later clarified that the disruption was the result of a “garden-variety” DDoS attack, likely originating from Russia as part of an unsuccessful attempt at a shakedown.

“The attackers were blackmailing us for bitcoin,” he said, refusing to state the amount. “We didn’t pay, of course, and we are taking preventative measures against future attacks.”

A DDoS, or directed denial of service, attack involves hackers infiltrating hundreds or thousands of computers without the owner’s knowledge, establishing a botnet of linked machines to repeat a menial task millions of times. This botnet is then directed to access the front end of a website, engaging all of a website’s resources in an effort to prevent the site’s regular traffic from gaining access. To regular internet users, the website will appear to be down, if not up but with severely hampered response time, which can be enough to drive online shoppers away to another website permanently.

A recent Akamai State Of The Internet report claimed that over 650 DDoS attacks took place between April and June this year, suggesting that the use of DDoS attacks was becoming more widespread. Between 15 and 20 of the attacks were directed at online retailers, with gaming and tech related websites proving a greater target. Akamai would not divulge the names of the affected retailers.

As a retailer’s website becomes a greater part of the retail business model for even brands with physical stores, DDoS attacks can become a great threat to a business’ bottom line. Having a defense procedure in place, even if it is as simple as contacting your hosting provider to begin with, can minimise the damage to your brand and your sales.

0 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *