Meetup site down after hacker sought to extort $300 from CEO

A series of DDoS attacks following an unmet extortion demand have crippled the site and its mobile apps

Meetup's website remained offline Monday, the victim of a massive DDoS attack, which began last week with an email asking the company's CEO to cough up $300 -- or else.

The social networking site and its mobile apps have been largely inactive since last Thursday, when the distributed denial-of-service attack began on its servers. At least several attacks have been launched at the site, causing many hours of downtime over several days, which the company says is its first such experience since it was founded 12 years ago.

[ Learn how to greatly reduce the threat of malicious attacks with InfoWorld's Insider Threat Deep Dive PDF special report. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]

Problems began when Meetup CEO Scott Heiferman received an email Thursday morning that said, "A competitor asked me to perform a DDoS attack on your website." The email said the attack could be stopped if $300 was paid, Heiferman said in a blog post Sunday night.

The company did not pay the $300, Heiferman said, because Meetup does not negotiate with criminals and because paying could make the site a target for further extortion demands.

The first attack began simultaneously when the company's servers were overwhelmed with traffic and services went down, he said. Meetup was able to restore service Friday morning, but it was not long before another attack disabled the site.

The company's landing page said Monday that Meetup is working urgently to restore functionality.

"You can count on Meetup to be stable and reliable soon," Heiferman said. But more outages could occur in the days ahead, he said.

For updates on the outage, Meetup is directing people to visit its blog, as well as its pages on Twitter and Facebook.

Zach Miners covers social networking, search and general technology news for IDG News Service. Follow Zach on Twitter at @zachminers. Zach's e-mail address is zach_miners@idg.com

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Join the discussion
Be the first to comment on this article. Our Commenting Policies