[ISN] CafePress wilts under DDoS assault

From: InfoSec News (alerts@private)
Date: Fri Dec 22 2006 - 23:29:08 PST


http://www.theregister.co.uk/2006/12/22/cafepress_ddos_attack/

By John Leyden
22nd December 2006

CafePress.com, the site which allows users to open up their own online 
store selling customised merchandise such as t-shirts and mugs, has been 
hit by a denial of service attack.

In a statement to store owners, Jill Ambrose of CafePress.com said the 
targeted attack had resulted in "significant service interruptions".

"As of right now some customers have access that appears normal, some 
have intermittent access, and some have no access at all. We will 
continue to update the CafePress Community Forum 
(http://forums.cafepress.com/eve) as we have more to share, and we urge 
you to check there for the most recent information," she said. "We do 
consider this an attack on CafePress, but we're most disturbed at how 
this victimises our community of Shopkeepers."

The motive and source of the attack remain unclear. CafePress.com said 
it was "working with the proper authorities" in trying to resolve and 
investigate the source of the attack. CafePress.com handles the website 
hosting, order fulfillment and payment processing on behalf of various 
store owners.

Distributed denial of service attacks are used by hackers to disrupt the 
operation of websites by flooding sites with spurious traffic from 
zombie computers in an attempt to make them inaccessible to the general 
public. Experts at net security firm Sophos speculate that the hackers 
may have deliberately targeted CafePress.com in the run-up to the 
holidays, a prime shopping period.

"Denial-of-service attacks have become a standard element in the 
hacker's arsenal. Whether they are hitting websites in order to 
blackmail them, or because they have a grudge against the company, 
hackers can inflict great harm to the online presence of a business," 
said Graham Cluley, senior technology consultant for Sophos. 
"CafePress.com has done the right thing by keeping its users informed of 
the problem and working closely with the authorities to investigate this 
crime."


_____________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
 



This archive was generated by hypermail 2.1.3 : Fri Dec 22 2006 - 23:42:57 PST