again down because of DDOS



What Happened?

The server is back offline after a strategic and coordinated DDoS attack, this time with more sophistication.

We had upgraded to the full-scale DDoS protection plan provided by Cloudflare, in addition to StGNU configuring his own set of anti-DDoS mechanisms however the attackers used social engineering to play on his “good guy” side in order to get the new IP address.

Essentially this is what happened.

1. New server was setup with the top-tier Cloudflare plan in addition to specific anti-DDoS configurations done by StGNU.

2. Sometimes the DNS changes can take 12-24+ hours to propagate with Cloudflare, StGNU was helping miners who couldn’t connect because Cloudflare changes hadn’t propagated by giving them the server IP address to use for the time being.

3. Attackers used social engineering to get the new direct IP address, thus subverting the entire protection that Cloudflare provides and proceeded to DDoS us again.

4. Case closed, no more Mr. Nice GNU. If you can’t connect you will just have to wait several hours, no more giving out the server IP address.

Side note: Attackers have also been hitting St. GNU hard, but don’t realize he has quite the elaborate networking infrastructure to mitigate such attacks :) but you can keep on hitting him, it’s a great chance to stress his networking equipment!

Regarding Payouts and Going Forward

Once the new server is back up and running and I’m satisfied with the new anti-DDoS mitigation in place we will commence with payouts, the following is a break down of what is going to happen in the next 24 hours.

1. Payouts are scheduled to commence as usual today at roughly 12:00am - 3:00am EST. We will be paying out for all shares recorded and work done during the time the pool was online since the last payout.

2. We are going to get the pool back online with Cloudflare and my own custom anti-DDoS solution in place. We will not be giving anyone the new IP address if they have connection issues, you will just have to wait for DNS changes to propagate if you have connection issues.

3. The new pool should take about 12-24 hours at most for the DNS changes to propagate across the Internet so that everyone can then connect to the pool. If you are having connection issues for a longer period of time than this, try flushing your DNS cache or PM StGNU.

4. I want to re-iterate a DDoS attack does not mean we have been “hacked”, it’s a very simple case of spamming the server with a SYN flood, nothing has been lost other than some downtime due to the server being flooded with traffic! If you’re curious about DDoS attacks please see the following for a great read.


The following two tabs change content below.


Blackcoin is my hobby, not sold one single coin since 24 februari 2014!
One comment
  1. Pingback: ALWAYS BET ON BLACK - Update 25 |