An Internet watchdog group responsible for keeping ads for counterfeit Viagra and bogus weight-loss pills out of inboxes around the world has been hit by a huge cyberattack, a crushing electronic onslaught that one expert said had already had ripple effects across the Web.
Spam-fighting organization Spamhaus said Wednesday that it had been buffeted by a massive distributed denial-of-service (DDoS) attack since mid-March, apparently from groups angry at being blacklisted by the Geneva-based group.
"It is a small miracle that we're still online," Spamhaus researcher Vincent Hanna said in an interview.
Denial-of-service attacks work by overwhelming target servers with traffic - like hundreds of letters being jammed through a mail slot at the same time. In a blog post, San Francisco-based CloudFlare, Inc. said the attackers were taking advantage of weaknesses in the Internet's infrastructure to trick servers from across the Internet into routing billions of bits of junk traffic to Spamhaus every second.
The attack could be bad news for email users, many of whose incoming messages are checked against Spamhaus's widely used and constantly updated blacklists.
Hanna said that his site had so far managed to stay on top of the spammers, but warned that being knocked offline could give them an opening to step up their mailings.
The sheer size of the attack has already affected Internet users elsewhere, according to Patrick Gilmore of Akamai Technologies.
He explained that colleagues at other Internet service providers had been in touch to say their services were affected by the attack. He declined to identify them - saying they had shared the information on a confidential basis - but said problems include sluggish access and dropped connections.
The BBC reports that companies like Netflix has been affected by the cyberattack. And Spamhaus has been able to keep its site up and running with the help of companies like Google, which is "absorbing" much of the excess traffic.
Spamhaus chief executive Steve Linford told the BBC that the attack is being investigated by five major cyber police forces around the world.