DoTA

We're currently under combined DDoS attack from Singapore and Vietnam. As usual, there's nothing to worry about, I've added Vietnam to DDoS protection alongside China and Singapore, so only visitors from Vietnam will experience some additional minor inconveniences. Making this post after like 30 minutes of additional protection and everything seems to run smoothly, you should not experience any delays or connection issues.

Chinese DDoS attempts have almost completely gone.
There is almost constant DDoS attack from Singapore for over 5 years...someone is very dedicated
Today we're experiencing major attack from additional ~3k Singaporean IPs and ~130k Vietnamese IPs, so it's hard to say whether that's the same dedicated entity, or we have a 2nd one trying to take our forum down.
Still no clue who might be behind this or what they're trying to achieve. So far no one contacted me, nor sent any demands and/or threats. What a waste of time and money...(for me it's a few minutes of my life, for the attacker(s) it's way more than that)
P.S. Additional attacks from Singapore have ended (the constant amount remained), while Vietnamese attacks have increased, so most likely a 2nd entity attacking using botnet pool.
P.P.S. After ~27 hours, since start, this major attack has ended.

I remember reading some time ago about massive Vietnam cyberattacks to steal accounts and data from medical companies, could it be the same group?

黒い剣士 » Thu 2025.06.05, 15:30 wrote:I remember reading some time ago about massive Vietnam cyberattacks to steal accounts and data from medical companies, could it be the same group?

Probably not. If they were after credentials then I'd spot it in logs, nevertheless you should have a descent password, at one point there was a person from US that tried to guess passwords of our forum members (something like 3-5 attempts/week, at that scale it's almost impossible to guess even 12345 passwords xD), there is also a bot from US that makes ~10-20 attempts to login each day for years (with seemingly random names or emails, most likely we're in some kind of pool, in which that bot tries to login with newly found login/password combination, that's the reason you should not use the same password everywhere). There are not that many reasons to guess someone's password here, apart of mine (which is extremely difficult to, it'd be easier to win a lottery), and even then you can reset your password or contact me to get your account back.
As far as I can tell - there is no other intent than to take our forum down (to make it unreachable for visitors), and as I wrote in the main post - I have no clue who might be behind it or what they're trying to achieve, as after so many attempts it should be clear that it's just a waste of time and money. Actual attacker(s) may even not be the mastermind behind, as there are people selling such "services" online, so technically it can be anyone with too much money on hands.