Bad news everyone – the popular feed aggregator Feedly is on the receiving end of its second distributed denial of service attack (DDoS) in as many days.
This, apparently, isn’t the work of some bored script kiddie, but instead an extortion attempt. It’s not unheard of and has happened before; web sites are essentially held to ransom. If they don’t pay up, then the extortionist commands a botnet to flood the site with requests, overloading it or making it unreachable.
It first happened to Feedly yesterday, with the site being unreachable from mid-afternoon until after I’d gone to bed here in Britain. It was back up this morning and I was able to catch up with my feeds, but went down after lunchtime and is still offline as I type this.
The timing is interesting as it’s around 12 months since Feedly stopped being a simple frontend for Google Reader (which was about to be shut down), and became a reading and synchronisation service in its own right. Feedly seems to have been the most popular choice out of the various feed aggregation services that have taken on former Google Reader users.
I ponied up for a lifetime Feedly Pro account when they were made available some months ago; though steep at $100, I use Feedly every day and felt it that paying for it was the right thing to do. I hope that the income from pro users like me will have helped them secure the resources to deal with their current problems, although it’s a shame that both freeloading and paying customers are unable to access the site during the attack.
Still, I commend Feedly for doing the right thing and not simply rolling over and paying the ransom to their attackers. I hope it blows over quickly and the site will become more resilient as a result.