Update 2: After restoring its services after Wednesday’s attack, the Feedly team reported in a blog post Thursday morning that it had been hit by a second DoS attack. As of late Thursday morning, Feedly is down again.
Update 1: Feedly says that it’s working to bring the site back online but that it may take several hours, carrying into Wednesday afternoon. It also notes that no user data was lost or compromised in the attack.
The popular RSS reader Feedly has been down for several hours Wednesday morning as the result of a distributed denial of service attack, which the perpetrators are allegedly using to extort money from the company. Feedly posted details of the attack on its blog to explain the site’s downtime, saying that it’s been in contact with law enforcement as well as other victims of the attack. “The attacker is trying to extort us money to make it stop [sic],” Feedly writes on its blog. “We refused to give in and are working with our network providers to mitigate the attack as best as we can.”
This type of extortion attempt is said to be far from uncommon, but companies usually aren’t eager to discuss it. In one case earlier this year, Meetup was taken down by the same type of attack and asked to pay $300 to make it stop. It’s a surprisingly low figure, but the attacker’s aim was likely to make it low enough that the company found it easier to just pay up. Feedly hasn’t said if its attack is also in this vein. Many have noted that Evernote was also briefly taken down last night from a denial of service attack, but it’s unclear if the two attacks are related. For now, Feedly’s basic site is up but sluggish, while user accounts still remain unavailable.