ISAB DDoS Attack: A Transparent Report

On January 25, 2023, the ISAB website, https://isab.run/, was targeted by a distributed denial-of-service (DDoS) attack. The attack aimed to make the website unavailable to users by overwhelming it with a large amount of traffic from multiple sources.

The attack traffic appears to have originated from a variety of countries, including the United States, Russian Federation, Japan, Hong Kong, Spain, Singapore, Germany, China, and others. The methods used in the attack included hosted queries, custodial inquiries, JS questions, and automated program attacks.

Despite the attack, the well-structured and resilient infrastructure designed by Joe Fang ensured that the availability and performance of the website were not compromised. The ISAB Engineering Team was able to counteract the attack by implementing various measures such as access rules, firewall rules, and blocking certain IP addresses.

We understand that these types of attacks can be disconcerting, but we want to assure our communities that the ISAB Engineering Team takes the security and stability of our website very seriously. We will continue to monitor and improve our defenses to ensure that we can provide a reliable service to our users.

We would also like to remind our communities that if you notice any suspicious activity on the ISAB website, please do not hesitate to contact us. Your help in keeping our website secure is greatly appreciated.

Based on our analysis, the attack appeared to be a Distributed Denial of Service (DDoS) attack, which is a type of cyber attack that aims to make a website or service unavailable by overwhelming it with traffic from multiple sources. The attack primarily targeted our server infrastructure, with a large number of requests coming from various IP addresses around the world.

Our team was able to quickly identify the attack and counteract it with measures such as firewall rules to block malicious traffic and redirection of traffic to our backup servers. We also closely monitored the situation and made adjustments as necessary to ensure that the availability and performance of our website were not compromised.

We have also analyzed the origin of the attack and found that the majority of the traffic was coming from the United States, Russia, China, Singapore, Spain, Hong Kong and Japan. However, it's worth noting that these IP addresses could have been spoofed and do not necessarily indicate the true origin of the attack.

In terms of the methods used, the attack primarily consisted of HTTP and JavaScript requests, with some signs of automated attack programs. However, we are still investigating to confirm the details of the attack.

Overall, we would like to assure our communities that we have taken all necessary measures to ensure the security and availability of our website and we will continue to closely monitor the situation.