DIY website building platform Moonfruit took customer websites offline on Monday to make infrastructure changes, four days after the company had been hit by a DDoS attack.
UK-based Moonfruit told customers that their websites would be offline for up to 12 hours on Monday, starting at 10:00 GMT. According to the latest update by the company on its support page, its operations team continues to work on resolving the issues on Tuesday.
“Our operations team is making steady progress and has overcome a number of issues, but there are still a few more to be dealt with. We know how difficult this is for you and we’re doing everything we can to help get you back where you need to be,” Moonfruit said. “The service is currently intermittent, with sites loading in most cases, but it is still not possible to log in to your account” or make changes to sites.
According to an email sent to customers by Moonfruit Director Matt Casey on Thursday, the group responsible for the attack is called Armada Collective. The DDoS attack lasted 45 minutes and the group contacted Moonfruit to demand a ransom. The group then threatened that should they not receive payment, the attacks would continue on Monday.
In an effort to mitigate these threatened attacks, Moonfruit asked customers to configure a CDN service that the company had planned to implement in the New Year. The company provided step-by-step instructions for customers to configure their domains.
Last month, an encrypted email provider ProtonMail paid a ransom equivalent to $6000 US to hackers that targeted the provider with a sustained DDoS attack.
Moonfruit offers customers a free website builder, with the option to upgrade to premium packages. However, some note that when it comes to your online presence, you get what you pay for, and at this time of year when many websites are busy with holiday traffic, 12 hours of downtime is significant.
— James Coltham (@prettysimple) December 14, 2015