The WalletBit website and service came under DDOS attack on September 15, 2012, completely disabling the services as of around 9:00 PM GMT. The attackers sent the following note to Kris Henriksen, the services’ founder, creator and CEO:
Your service is currently under our control, and will remain so until you’ve fulfilled our request.
All you need to do is settle 1000 BTC to the following receiver: 1PBvDW74Qm7pSFMfi5h4AgyDLGcb86LtTg
Should you ignore this message, then keep in mind that we’ll have no problems keeping your service.
You have exactly 24 hours to initiate the money and get back to us, and if you fail to do so, then we’ll keep your service offline for an additional week.
Kris refuses to give in to the demands, sending the following response back to the attackers:
I can see that you have the possibility of bringing down my network provider and keep it down.
The thing is, I don’t have 1000 BTC and neither do WalletBit in liquidity. So I am unsure how we are going to come to an agreement or solution.
I know this way of getting bitcoins most be very efficient, but maybe there is another way?
Awaiting your response.
It remains to be seen whether the attackers will follow up on their threat to continue crippling the service for a full week, or if they will divert their resources to another target. The ransom has subsequently been lowered to 150 BTC after the attackers received Kris’ response, but Kris still refuses to give in to the attacker’s demands.
The attack appears to be a SYN flood style distributed denial of service, and large enough to defeat WalletBit’s existing redundancy.
WalletBit is a Bitcoin payment processor, allowing merchants to easily accept Bitcoins for payment and collecting the relevant customer information.
ResponsePay is the mobile solution for utilizing WalletBit and BitInstant, and includes features that allowing users to send Bitcoins via email, SMS, or Bitcoin address, scan QR codes, and create location-based coupons.
At this time, BitPay also appears to be under a similar attack, but have not been available for comment.
Would you give in to the ransom, or wait out the attack? Leave your comment below, or send it to firstname.lastname@example.org.