ProtonMail thinks ‘state hackers’ carried out advanced attack
The Swiss service for encrypted mail ProtonMail is struggling with DDO attacks and is extorted by criminals. However, according to ProtonMail, it appears that the service is under fire from a second group of advanced attacks, reminiscent of state hackers.
Last Tuesday, ProtonMail received a threatening email from criminals who claimed to be behind DDoS attacks in Switzerland over the past few weeks. Subsequently, the webmail service for encrypted mail suffered two attacks, which led to short-term outages.
“Within the span of a few hours, the attacks reached an advanced level not seen before,” the agency said in a statement. In this attack, the infrastructure of the service’s upstream partners was directly attacked. “The coordinated attack on our isp exceeded 100Gbit/s and not only our data centers, but also routers in Zurich, Frankfurt and other locations where our isp has nodes came under attack.”
This attack paralyzed the data center and provider, affecting many other services and businesses. ProtonMail then decided to pay the ransom. Despite this, the attack continued, while the criminals of the first attack denied being behind the second ddos attack.
ProtonMail reasons that two groups are targeting the webmail service. “In addition, the second attackers exhibited capabilities associated with state-sponsored perpetrators,” claims ProtonMail, indicating the criminals were willing to accept significant collateral damage.
ProtonMail has set up a Defense Fund to which internet users can donate to resist the attacks. The service expects to need $100,000 a year for a lasting solution. The agency is working with the Swiss Governmental Computer Emergency Response Team, the Cybercrime Coordination Unit Switzerland and Europol on an investigation.