Popcorn Time Hit By Massive DDoS Attack

A major fork of the popular Popcorn Time project is currently being subjected to a massive DDoS attack. The whole project has been hit, from the site hosting its source through to its CDN, API and DNS servers. The team tells TorrentFreak that the attack amounts to 10Gbps across their entire network.

popcornEvery year sees periods when sites in the file-sharing sector are subjected to denial of service attacks. The attackers and their motives are often unknown and eventually the assaults pass away.

Early in 2014 many torrent sites were hit, pushing some offline and forcing others to invest in mitigation technology. In May a torrent related host suffered similar problems.

Today it’s the turn of the main open source Popcorn Time fork to face the wrath of attackers unknown. TorrentFreak spoke with members of the project including Ops manager XeonCore who told us that the attack is massive.

“We are currently mitigating a large scale DDoS attack across our entire network. We are currently rerouting all traffic via some of our high bandwidth nodes and are working on imaging and getting our remaining servers back online to help deal with the load,” the team explain.

The attack is project-wide with huge amounts of traffic hitting all parts of the network, starting with the site hosting the Popcorn Time source code.


Attack on the source code site – 980Mbps

source

Also under attack is the project’s CDN and API. The graph below shows one of the project’s servers located in France. The green shows the normal traffic from the API server, the blue represents the attack.


Attack on the France API server – 931Mbps

france-api

Not even the project’s DNS servers have remained untouched. At one point two of three DNS servers went down, with a third straining under almost 1Gbps of traffic. To be sure, a fourth DNS server was added to assist with the load.


Attack on the Dutch DNS server – peaking at 880Mbps

dutch-dns

All told the whole network is being hit with almost 10Gbps of traffic, but the team is working hard to keep things operational.

“We’ve added additional capacity. Our DNS servers are currently back up and running but there is still severe congestion around Europe and America. Almost 10Gbps across the entire network. Still working on mitigating. API is still online for most users!” they conclude.

Nobody has yet claimed responsibility for the attack and it’s certainly possible things will remain that way. Only time will tell when the attack will subside, but the team are determined to keep their project online in the meantime.

Tagged in:

Share this post:

Share on Google+

You may also like:

c There are 61 comments. Add yours?

comment policy