– – – – 07-05-2022 – – – – –
Number and intensity visibly decreases. However, it has been decided to keep the defense high if it is intensified again. If it is the case that you are not allowed to go to the login screen because your IP address has been blocked by cloudflare, please contact customer service by e-mail.
Quiet morning and afternoon. Intensity of the attacks decreases. Probably because there are now many millions of IP addresses worldwide blocked that were used by the botnet. Fewer and fewer attacks are coming through. Our servers are not bothered by this and can handle this perfectly. By setting a few defensive measures differently, we can now also upload scans for PriPost and photos of PriParcel. Customers can also upload IDs again.
The login screens on the websites appear to work insufficiently due to the attack. That is why we have (temporarily) chosen new customers, by means of a new tab, to make the registration possible directly in the portal.
Throughout the night there have been attacks on both the portal and the website. However, these have decreased in effectiveness. However, various defensive measures remain in force. For example, visitors to both the portal and the websites see a control screen of cloudflare for a number of seconds.
– – – – 06-05-2022 – – – – –
We still continue to get attacks on both websites and the portal. The impact is reasonably limited. However, it is not possible to upload PriParcel photos and PriPost Scans at the moment. We have also had to block entire countries. The attacks now come from 114 countries. We have also seen that there are different IP addresses of our own customers that are in the botnet. This means that the computers of those customers are used by the attackers. Those IP addresses cannot be released. It’s likely that those customers don’t know their computer is being used. Malware is quickly installed by a click in the wrong mail. A warning to use good security software!
Visitors to the websites and portal are shown a cloud-flare security page for a few seconds with which the visitor is validated. As soon as peace has returned, this will disappear again.
For now, there’s not much we can do but wait and see. Our IT staff will also remain on standby during the weekend and monitor the case. The administration, mail and parcel processing are not yet delayed.
During the day, the attacks continued, but about 300,000 IP addresses per minute were captured. At 15:13 we received a new message from the attackers that if we did not pay, our websites would be attacked. Less than a minute later, all our websites went down.
The attacks still continue and visitors suffer a lot from the measures and slowness. We will continue to monitor and report this.
– – – – 05-05-2022 – – – – –
Portal is accessible but may be that some foreign users cannot log in because their IP address is blocked. When logging in and visiting the portal, a cloudflare page can become visible that performs a check on the user. This takes a fraction of a second after which the visitor is redirected
Attack continues unabated
Situation unchanged – defensive actions prove effective but slows down the portal
New attack has started. Now from several countries including Brazil, Peru, Morocco
traffic is increasing again. Defensive measures are deployed
– – – – 04-05-2022 – – – – –
Our CEO explains further in a blog post. Read the text here
No further updates. Traffic seems quiet.
IT team remains ready and monitor everything. Some customers may have trouble logging in due to the IP whistelisting. Contact customer service in the morning is the advice.
New attack but is repulsed and immediately neutralized.
Portal still live but can be slower due to the amount of traffic.
Attackers are definitively located and have a Russian origin. Entire IP ranges are blocked
Attackers continue to follow us and continue to attack. Portal is live and attackers are not getting a foothold.
New layer of protection against DDos attacks implemented.
New server set up and running. DNS modified
Attack continues. There is currently no solution yet.
Our IT is busy neutralizing the attack. For the time being, our websites are not affected by the attack
Server goes down. Turns out a DDoS attack is being carried out.
Through the chat we receive a threat from a Russian IP address that we immediately have to transfer a large amount of money to prevent a DDoS attack on the PriPortal. Of course, we don not respond to this.