ProtonMail, a secure e-mail service based in Switzerland that is known for encryption which offers based on Swiss law and to protect its customers against NSA, receives massive DDoS attack, even though he has already paid €5.500 in ransom.
According to Protonmail, the assault began at 3 November, and at the same time her employees received a ransom note from a hacking group known as Armada Collective.
The hacking group using the same tactics as its counterpart hacking group, DD4BC, threatens companies around the world with DDoS attacks, except if they pay her ransom in Bitcoin.
ProtonMail initially ignored the message, and so the same night began an attack that managed to drop the offline service for 15 minutes.
A second attack followed the next day around 11 am, but PrtonMail said its provider took the appropriate steps to alleviate the DDos attack.
At this point, things started to become a little 'strange'. A few hours later, as ProtonMail explains, attacks have increased unexpectedly in both complexity and bandwidth, reaching over 100 Gbps, and also targeting the weak points of its ISP provider's infrastructure. This was done around 14: 00.
At 3: 30 pm, after 90 minutes of shutdown time for all ISP systems, and after the provider faced pressure from other businesses affected by the DDoS attack, ProttonMail decided to pay Armada Collective ransom.
Despite this ransom payment, the DDoS attacks continued to the ISP, which is offline offline at regular intervals depending on the incoming DDoS traffic.
ProtonMail reports that after paying the ransom and following further e-mail exchanges with hackers, Armada Collective has denied any responsibility for the second wave of more sophisticated attacks.
ProtonMail, a service providing secure e-mail for dissident and anti-government journalists from many countries, now suspects that the second wave of attacks is being carried out by a state-sponsored group that saw the perfect opportunity to shed the company without turning suspicions on her.
ProtonMail is currently planning to migrate its services to a more advanced infrastructure with built-in DDoS attack mitigation systems. This move will likely pay off, so the company has opened a GoFundMe donation account, with name ProtonMail Defense Fund.