If someone wants to compromise a website’s security, there are virtually countless ways to do it. But if the person taking care of that site’s security is good enough, he’ll know how to tackle each of them. Something along these lines happened to the VPN service TorGuard, which had to fight off large botnets, spammers and fake pizza deliveries.
It all started in August, when TorGuard announced that it was cutting its fees by 50%. The promotional campaign enticed a huge number of new customers to the service. Apparently, this didn’t sit well with an unnamed rival VPN service, which unleashed a series of attacks on TorGuard’s network.
First came the spam emails. Within 24 hours of the launch of the promotional campaign, TorGuard’s support inbox started receiving massive amounts of spam email. Explaining the spam attack, Ben Van Pelt, the administrator for TorGuard, stated, “The SMTP servers generating the massive onslaught of 10 million daily e-mails were in Argentina and we were unsuccessful in contacting the provider. After a few added rules on [Apache firewall module] mod-security we were successfully blocking the ‘mailbomb’ attack.”
But this was only the first attack from the spammers, whose intent was to take down TorGuard. Nearly a month later, TorGuard announced that it had launched new network nodes in a number of countries so that users in those countries could experience better TorGuard speeds.
Again, a massive amount of junk traffic was directed towards TorGuard’s network. This traffic targeted the IPs of the new nodes, evidently aiming to disrupt them. Initially, this attack, which reached 10Gbps at times, was countered by rapidly changing the IP addresses of these nodes. When that didn’t help much, Van Pelt simply modified the company’s Border Gateway Protocol (BGP) configuration and rendered the attack useless.
In mid-October, the DDoS attacks were back as TorGuard announced new proxy software. In this attack, nearly two million end users were lumped together to launch a massive DDoS attack, with traffic reaching up to 15Gbps. This time, Van Pelt had to sign up for the anti-DDoS service CloudFlare. CloudFlare warded off the attacks instantly and restored TorGuard.
Finally, when all else failed, the people who were trying to take down TorGuard decided to rely on more personal tactics. In the words of Van Pelt, “Unable to spam, DDoS, hack, or social engineer us, they employed the tactics of the ‘4chan party van.’ Throughout the day our office received multiple unrequested deliveries from local pizza chains, Chinese food, and one large order of sushi. A handful of local electricians and plumbing services were also disappointed to be turned away. To my knowledge no fake calls have been placed to law enforcement yet, however nothing would surprise me at this point.”
However, in the long run, TorGuard won because all the tactics used to take down the service failed in the face of timely measures by Van Pelt and his team. While the attackers spent some $7,000 on their attacks through botnets, spammers and such, TorGuard ended up paying a mere $800 extra per month for all the security measures it has taken over time.