A few nights ago an attacker sent a message via our contact form demanding we send .5 BTC to protect ourselves from a DDOS attack.
Coin Fire is a small site, we are making zero money (we lose money each month) and even if we had the resources to pay we would not give in to these almost terrorist like demands.
We didn’t reply to the message and went about things business as usual. As we can not and will not pay the DDOS attackers who are now sending us messages demanding 5 BTC to make the attack stop.
If you can see this message we are still holding on for dear life.
We’ve been shut down by two different providers in the last twenty-four hours as we have impacted services for other customers and have lost our investment of money on servers and significant levels of time as we have to rebuild on new machines each time we are kicked off and none of the providers will provide us with a refund since we have caused them so much harm.
We refuse to pay these blackmail demands and encourage others who receive the same demands to not give in as well. Giving in just empowers these assholes to keep doing this to you or to others because they profit from it.
The attack vector is using Facebook notes to flood our site using a known exploit on Facebook and we’ve reached out to friends at Facebook’s Cyber Security team who have determined the IP address of the original person hitting the attack vector and are working with law enforcement actively to track this user down.
Soon we hope things will be getting back to normal as our primary focus has been for the last few days to keep our site online as we are kicked from various providers for impacting service for others, securing further with CloudFlare and working on reducing our total site footprint.
We are posting this here as a reminder to others to not pay the demands and also a quick status update as to why we haven’t been responsive as we normally are the past few days.