Getrespense Is DDos Attacked Again, stop your campaigns for a while

50 replies
I was having some problems with Getresponse today again. I just talked to support who said they are being attacked again but reassured me that their new system should overcome this.

Well, it's been strange for quite a while. Just checked my campaigns again and the signups are not working in a sense that they get timed out and the same error pops up as when the initial attack occurred. So I stopped them again. No sense to pay for clicks that lead nowhere.

I suggest that you stop your campaigns for a while as well.
#attacked #campaigns #ddos #getrespense #stop
  • Profile picture of the author Katie Rich
    Just had an email that they are experiencing a high volume of malicious traffic, whatever that means.
    {{ DiscussionBoard.errors[9160568].message }}
    • Profile picture of the author ejullya
      Hi Katie, I talked to them and one of the support staff said that they are being attacked again
      {{ DiscussionBoard.errors[9160577].message }}
    • Profile picture of the author heavysm
      Originally Posted by Katie Rich View Post

      Just had an email that they are experiencing a high volume of malicious traffic, whatever that means.
      If that is really the case it won't matter how much protection they put up. As long as the attacker wants to do damage, he will.

      I honestly don't mind them being down...just don't mess with my list lol It's one thing to have the list backed up but quite another to successfully upload again.
      {{ DiscussionBoard.errors[9161143].message }}
    • Profile picture of the author jex1
      Originally Posted by Katie Rich View Post

      Just had an email that they are experiencing a high volume of malicious traffic, whatever that means.
      Think of it like a hosepipe.

      Then think of what happens if you try and put 10x as much water through a hosepipe at whatever pressure would force it through. What happens? The hosepipe would tear.

      That is what a DDOS attack does to servers. It is too much for them to handle, so they either, in a worst case scenario, get hot and physically fry, or they shut down.
      {{ DiscussionBoard.errors[9161146].message }}
      • Profile picture of the author rts2271
        The problem is Windstream. GR spends all this money on fancy DDoS mitigation and still uses a tin can and string to pipe the packets.

        I have been very conservative on my statements about GR. We use them and it has been very painful watching them commit stupid for the last 3 months with DDoS after DDoS and not realizing that their core network provider is the actual problem, not the DDoS itself. Hell they are probably getting DDoS'd by some nigerian with a 56k modem.

        GR, You tempted fate last week when you bragged about your upgrades. You painted a target on yourself but worse, you did it without securing your network. You left it on Windstream and are now wondering why your service is sucking. Pony up for a real provider, stop charging premium rates to clients when you are certainly NOT investing that back into the necessary infrastructure to provide service. Get a backbone like Saavis, ATT or one of the many dozens of providers who are better_than_current Windstream and their horrible service.

        Google Windstream
        {{ DiscussionBoard.errors[9161803].message }}
        • Profile picture of the author ejullya
          Originally Posted by rts2271 View Post

          The problem is Windstream. GR spends all this money on fancy DDoS mitigation and still uses a tin can and string to pipe the packets.

          I have been very conservative on my statements about GR. We use them and it has been very painful watching them commit stupid for the last 3 months with DDoS after DDoS and not realizing that their core network provider is the actual problem, not the DDoS itself. Hell they are probably getting DDoS'd by some nigerian with a 56k modem.

          GR, You tempted fate last week when you bragged about your upgrades. You painted a target on yourself but worse, you did it without securing your network. You left it on Windstream and are now wondering why your service is sucking. Pony up for a real provider, stop charging premium rates to clients when you are certainly NOT investing that back into the necessary infrastructure to provide service. Get a backbone like Saavis, ATT or one of the many dozens of providers who are better_than_current Windstream and their horrible service.

          Google Windstream
          You hit the nail on the head, rts2271. What's the point of getting all the "bragged about security" when you leave yourself completely exposed via your provider.

          Fool you once, shame on them. Fool you twice, shame on you!
          {{ DiscussionBoard.errors[9162007].message }}
        • Profile picture of the author jasondinner
          Originally Posted by rts2271 View Post

          The problem is Windstream. GR spends all this money on fancy DDoS mitigation and still uses a tin can and string to pipe the packets.

          I have been very conservative on my statements about GR. We use them and it has been very painful watching them commit stupid for the last 3 months with DDoS after DDoS and not realizing that their core network provider is the actual problem, not the DDoS itself. Hell they are probably getting DDoS'd by some nigerian with a 56k modem.

          GR, You tempted fate last week when you bragged about your upgrades. You painted a target on yourself but worse, you did it without securing your network. You left it on Windstream and are now wondering why your service is sucking. Pony up for a real provider, stop charging premium rates to clients when you are certainly NOT investing that back into the necessary infrastructure to provide service. Get a backbone like Saavis, ATT or one of the many dozens of providers who are better_than_current Windstream and their horrible service.

          Google Windstream
          Just quoting this so maybe Mickk sees it and passes it along to Simon or whoever is in charge of the data center.

          Makes perfect sense. Like bringing a knife to a gun fight.

          If what he's saying is right and they stay with Windstream, this will keep happening.

          No guarantee it won't happenw ith another provider, but at the same time, there are probably a handful of companies that could have thwarted this attack.
          Signature

          "Human thoughts have the tendency to transform themselves into their physical equivalent." Earl Nightingale

          Super Affiliates Hang Out Here

          {{ DiscussionBoard.errors[9162113].message }}
          • Profile picture of the author MickK
            Originally Posted by jasondinner View Post

            Just quoting this so maybe Mickk sees it and passes it along to Simon or whoever is in charge of the data center.

            Makes perfect sense. Like bringing a knife to a gun fight.

            If what he's saying is right and they stay with Windstream, this will keep happening.

            No guarantee it won't happenw ith another provider, but at the same time, there are probably a handful of companies that could have thwarted this attack.
            Way ahead of you Jason, passed it on earlier this morning.

            Cheers,

            Mick
            Signature

            Mick Kitor - Affiliate Manager

            Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

            {{ DiscussionBoard.errors[9162490].message }}
        • Profile picture of the author MickK
          I forwarded your comments rts2271
          Signature

          Mick Kitor - Affiliate Manager

          Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

          {{ DiscussionBoard.errors[9163006].message }}
      • Profile picture of the author MickK
        It looks like it was our datacenter that took us offline again. Our new DDoS system worked (briefly) as intended and we were able to get service restored, but were once again taken offline by Windstream.

        "Unfortunately the situation turned out extremely difficult to cope with for our datacenter Windstream who wasn't capable of handling such scale attack and decided to turn our services down"

        status.getresponse.com

        We are working with Windstream on a fix and compensation plan for our customers.

        When I know more I'll post it.

        Cheers,

        Mick
        Signature

        Mick Kitor - Affiliate Manager

        Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

        {{ DiscussionBoard.errors[9161868].message }}
        • Profile picture of the author xxxJamesxxx
          Originally Posted by MickK View Post

          It looks like it was our datacenter that took us offline again. Our new DDoS system worked (briefly) as intended and we were able to get service restored, but were once again taken offline by Windstream.

          "Unfortunately the situation turned out extremely difficult to cope with for our datacenter Windstream who wasn't capable of handling such scale attack and decided to turn our services down"

          status.getresponse.com

          We are working on a fix and compensation plan for our customers.

          When I know more I'll post it.

          Cheers,

          Mick
          Giving no time frame basically tells me you're going to be down for days again... Great!

          It was bad enough this happened last week, but 3 days later? Especially how you was bragging how you've got the best protection and it won't happen again etc.

          Your compo plan better be good btw because I'm losing A LOT of money here, and don't even try to thob me off with a free month's subscription.

          I hate being negative but this is just becoming a joke now.

          James Scholes
          {{ DiscussionBoard.errors[9161888].message }}
          • Profile picture of the author Javisito
            Originally Posted by xxxJamesxxx View Post

            Giving no time frame basically tells me you're going to be down for days again... Great!

            It was bad enough this happened last week, but 3 days later? Especially how you was bragging how you've got the best protection and it won't happen again etc.

            Your compo plan better be good btw because I'm losing A LOT of money here, and don't even try to thob me off with a free month's subscription.

            I hate being negative but this is just becoming a joke now.

            James Scholes
            We are all loosing a lot of money here, INCLUDING getresponse themselves we should be happy they actually bother to compensate us. However I do agree that it is their responsibility to have a reliable service.

            Actually here in Sweden where I live this has even happened to the police website and to A LOT of companies so I guess we are all in the same boat.


            So... can anyone tell me when the hacker hunting season is?
            {{ DiscussionBoard.errors[9162027].message }}
          • Profile picture of the author MickK
            Originally Posted by xxxJamesxxx View Post

            Giving no time frame basically tells me you're going to be down for days again... Great!

            It was bad enough this happened last week, but 3 days later? Especially how you was bragging how you've got the best protection and it won't happen again etc.

            Your compo plan better be good btw because I'm losing A LOT of money here, and don't even try to thob me off with a free month's subscription.

            I hate being negative but this is just becoming a joke now.

            James Scholes
            Hi James,

            I'm a big believer in only passing on information I know is true. I didn't have a timeframe I trusted enough to post.

            Contact support.getrespone.com to discuss compensation.

            Cheers,

            Mick
            Signature

            Mick Kitor - Affiliate Manager

            Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

            {{ DiscussionBoard.errors[9164756].message }}
  • Profile picture of the author ADVERTHEORY
    one day at bandcamp.

    the day the first malfunction happened, I had cancelled my aweber account and was going to use getresponse. Before I signed up, I was looking for the latest reviews and saw their last issue. Then I thought, I'd wait and see what happened over the next week with their responses, and aftershocks.

    Thanks for the update, definitely avoiding this one.
    {{ DiscussionBoard.errors[9160573].message }}
    • Profile picture of the author ejullya
      Originally Posted by ADVERTHEORY View Post

      one day at bandcamp.

      the day the first malfunction happened, I had cancelled my aweber account and was going to use getresponse. Before I signed up, I was looking for the latest reviews and saw their last issue. Then I thought, I'd wait and see what happened over the next week with their responses, and aftershocks.

      Thanks for the update, definitely avoiding this one.
      That is pretty funny, because just a few days before the attack I created a getresponse account. Luckily, I did not cancel my Aweber account yet.

      Unfortunately, all my new campaigns are getresponse. What a nuisance!
      {{ DiscussionBoard.errors[9160582].message }}
  • Profile picture of the author OfficerIM
    I literally just upgraded my account 2 hours ago when it was working for a bit.
    {{ DiscussionBoard.errors[9160597].message }}
  • Profile picture of the author GarrieWilson
    So much for that half a million upgrade.
    Signature
    Screw You, NameCheap!
    $1 Off NameSilo Domain Coupons:

    SAVEABUCKDOMAINS & DOLLARDOMAINSAVINGS
    {{ DiscussionBoard.errors[9160602].message }}
    • Profile picture of the author jasondinner
      Originally Posted by GarrieWilson View Post

      So much for that half a million upgrade.
      Now they're gonna spend $1 BILLION... (in my best Dr. Evil voice)

      I love losing money on lead gen campaigns.

      Oh and the way things are going, I highly recommend you guys not use their internal click tracking on email campaigns. If you did, all of your clicks are wasted. If you didn't or don't, your links will work in delivered emails.

      Unfortunately, I use their clicktracking.

      A broadcast I sent last night which was on pace to generate 5-6K clicks. SMH
      Signature

      "Human thoughts have the tendency to transform themselves into their physical equivalent." Earl Nightingale

      Super Affiliates Hang Out Here

      {{ DiscussionBoard.errors[9160878].message }}
  • Profile picture of the author Katie Rich
    I'm on the 30 day free trial with them. it's been working for around 6 of those days so far.

    I tried MadMimi and Monkey something but neither were much good. I don't like Aweber, so I'm stuck.
    {{ DiscussionBoard.errors[9160603].message }}
    • Profile picture of the author ejullya
      Originally Posted by Katie Rich View Post

      I'm on the 30 day free trial with them. it's been working for around 6 of those days so far.

      I tried MadMimi and Monkey something but neither were much good. I don't like Aweber, so I'm stuck.
      I feel the same but unfortunately the attackers are making their rounds. From the last report we even know that they extorted money from Getresponse.

      Aweber was attacked a few months or so back, so in time I suspect all the autoresponders are going to be the target.

      At least, the paid services have the money to implement protection. I wonder how the free autoresponder providers will fare
      {{ DiscussionBoard.errors[9160616].message }}
      • Profile picture of the author Katie Rich
        Originally Posted by ejullya View Post

        From the last report we even know that they extorted money from Getresponse.
        Did they? The last email I read stated that they refused to pay the $750 bitcoin ransom and would never pay as they knew the demands would continue. Did I miss one?
        {{ DiscussionBoard.errors[9160635].message }}
        • Profile picture of the author MickK
          Originally Posted by Katie Rich View Post

          Did they? The last email I read stated that they refused to pay the $750 bitcoin ransom and would never pay as they knew the demands would continue. Did I miss one?
          No you are correct, we didn't pay anyone.

          When I know more information, I'll pass it on.

          from status.getresponse.com

          Investigating - We are currently experiencing high volume of malicious traffic and we are in the process of mitigating it.
          May 3, 15:28 EDT
          Signature

          Mick Kitor - Affiliate Manager

          Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

          {{ DiscussionBoard.errors[9160645].message }}
      • Profile picture of the author Mike Hill
        Originally Posted by ejullya View Post

        I feel the same but unfortunately the attackers are making their rounds. From the last report we even know that they extorted money from Getresponse.

        Aweber was attacked a few months or so back, so in time I suspect all the autoresponders are going to be the target.

        At least, the paid services have the money to implement protection. I wonder how the free autoresponder providers will fare

        TRIED to extort... They did not succeed... Big difference
        {{ DiscussionBoard.errors[9162397].message }}
  • Profile picture of the author Javisito
    Again, this is getting annoying... This attacker was probably bullied as a kid and didnĀ“t get enough attention
    {{ DiscussionBoard.errors[9160618].message }}
  • Profile picture of the author Javisito
    You can say whatever you want about this attacks they are very frustrating. However I do the thumbs up for Getresponse keeping us updated so fast, keep on the good work guys!
    {{ DiscussionBoard.errors[9160663].message }}
  • Profile picture of the author MickK
    Signature

    Mick Kitor - Affiliate Manager

    Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

    {{ DiscussionBoard.errors[9160770].message }}
  • Profile picture of the author NK
    The hacker must have decided to put GR's expensive upgrade and claims to the test. It seems likely that this person will continue trying to attack GR in the future as well regardless of how much mitigation infrastructure is placed.

    I'm not sure if this was mentioned anywhere, but is GR getting the law involved in seeking out the culprit?
    Signature

    Affiliate Link Cloaking & Tracking Software - The most powerful tool available for affiliate marketers who are sick and tired of making way too little money!
    {{ DiscussionBoard.errors[9161031].message }}
  • Profile picture of the author MickK
    The latest status says
    "Investigating - We are currently experiencing some issues in our data center. We are working with all of our engineers and Windstream technicians to resolve all issues as soon as possible. "
    Signature

    Mick Kitor - Affiliate Manager

    Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

    {{ DiscussionBoard.errors[9161062].message }}
    • Profile picture of the author Brian Mullis
      I've been a GetResponse customer for about 8 years now and I have always been a big fan.

      However, it's clear that it's time for me to put a backup plan in place - mitigate the risk. I don't know the best solution yet but I'll be researching it soon. Actually I should have done this years ago.

      The last several days have been quite the wake up call.
      {{ DiscussionBoard.errors[9161107].message }}
    • Profile picture of the author John Krone
      I've been trying to join GetResponse for the past two weeks, but tapped the brakes, after these shocking service collapse incidents.

      Damage it does to the down day is one thing, but damage to unreliable reputation could be even worse.

      They'll have to find some way to turn this into a positive, and in the end maybe have the strongest system available.

      John
      Signature
      Easy Email Clicks
      Double Your Sales In 30 Days - Challenge
      Double the impact of your email offers - Easy and Free to Do.
      This Crash Course shows you how.
      Johnkrone.com
      {{ DiscussionBoard.errors[9161122].message }}
  • Profile picture of the author gesman
    So what Aweber did to prevent and protect themselves from such attacks?
    {{ DiscussionBoard.errors[9161890].message }}
  • Profile picture of the author ADVERTHEORY
    lol @ the blame game
    {{ DiscussionBoard.errors[9162118].message }}
  • Profile picture of the author MasEDI
    thanks to everyone who made this thing happen, due to Getresponse ddos attack we're suffered from spam email
    {{ DiscussionBoard.errors[9162330].message }}
    • Profile picture of the author MickK
      Originally Posted by MasEDI View Post

      thanks to everyone who made this thing happen, due to Getresponse ddos attack we're suffered from spam email
      I didn't follow your meaning.

      Cheers,

      Mick
      Signature

      Mick Kitor - Affiliate Manager

      Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

      {{ DiscussionBoard.errors[9162494].message }}
  • Profile picture of the author Brent Stangel
    i lose money because of this unannounce issue...
    Next time we'll have the hacker email you in advance. (;
    Signature
    Get Off The Warrior Forum Now & Don't Come Back If You Want To Succeed!
    All The Real Marketers Are Gone. There's Nothing Left But Weak, Sniveling Wanna-Bees!
    {{ DiscussionBoard.errors[9162337].message }}
  • Profile picture of the author moneycoach
    This is a freaking night mare I suggest people get in to Self Hosting solutions.
    {{ DiscussionBoard.errors[9162568].message }}
    • Profile picture of the author rts2271
      And one thing to add. Mickk is a stand up guy. I also would bet they didn't sign up with Windstream but got slid in during the Nuvox / Windstream merger. Nuvox was a excellent ESP provider and knew a ton about DDoS mitigation and email delivery. The horror stories we are seeing played out with GR are almost trivial to some of the others I have dealt with in the last 2 years. Windstream could make 20GB fiber run like Juno. Windstream should be shot, buried in a ditch and the ditch shot into the sun.






      scratch that Juno worked.
      {{ DiscussionBoard.errors[9162715].message }}
  • Profile picture of the author Mark Hess
    Honestly, when this happened April 26-30 I took it in stride. I've been doing this long enough to know that stuff happens even though the incident cost me money I honestly felt moving forward that GetResponse would make the changes necessary so it doesn't happen again (or if it does, at least the length of downtime would be significantly reduced).

    At this point, I can't tell you how totally disgusted I am. Talk about a total letdown. This is absolutely ridiculous. I rarely run much paid lead generation and thank God I don't, I'd have to be up 24 hours a day babysitting your service.

    Statements like "...will give GetResponse the strongest always-on anti-DDoS protection in the email marketing space." are total non-sense and basically bait people into attacking you again.

    From what I gather, they put a pig in a $500,000 dress. You can have the greatest DDoS mitigation in the world but obviously GetResponse doesn't have adequate infrastructure to support it.

    GetResponse needs to find the weak link within their system and freaking fix it or hire some smart people to fix it for them.
    Signature
    {{ DiscussionBoard.errors[9164386].message }}
    • Profile picture of the author MickK
      GetResponse is up.

      Cheers,

      Mick
      Signature

      Mick Kitor - Affiliate Manager

      Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

      {{ DiscussionBoard.errors[9164632].message }}
    • Profile picture of the author MickK
      Mark Hess,

      I'll forward your comments to senior management. I understand and share your frustration.

      Cheers,

      Mick
      Signature

      Mick Kitor - Affiliate Manager

      Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

      {{ DiscussionBoard.errors[9164638].message }}
  • Profile picture of the author talfighel
    It seems that they are back and working again.

    Hope that this does not happen over and over again in the near future.
    {{ DiscussionBoard.errors[9164567].message }}
    • Profile picture of the author MickK
      Originally Posted by talfighel View Post

      It seems that they are back and working again.

      Hope that this does not happen over and over again in the near future.
      Me too talfighel...me too
      Signature

      Mick Kitor - Affiliate Manager

      Phone: +1 585.286.1819 | Email: mick.kitor(at)erevshare.com | Skype mick.kitor

      {{ DiscussionBoard.errors[9164633].message }}

Trending Topics