A DDoS in Asia Pacific

UPD: As of July, 13, ordinary service has been restored everywhere, except for mainland China.

Just in case you're not following us on Twitter, Telegram's Asia Pacific server cluster has been under a DDoS attack since morning on July, 10.

This means that if you live in South East Asia, Oceania, Australia or certain parts of India, you may have been experiencing slower connection speeds or no connection at all for several hours that weekend.

What is this DDasdf thing?

DDoS stands for Distributed Denial of Service and means that a lot of computers start making requests to a server, so that the server is slowed down or stops responding. To put this into familiar terms, imagine a thousand people jamming themselves into a bus at 6 PM on a weekday. They get in, you don‘t and that’s all a DDoS attack is.

Unlike on the bus though, the people who are getting in your way don‘t even know they’re doing this. DDoS attacks are carried out by botnets — thousands of computers and servers that were turned into remotely controlled zombies by malware and viruses.

What exactly hit Telegram?

We've been hit with 200 Gbps of junk traffic, which feels roughly like having 200 billion very random people squeeze into your bus every second. For the most part, it was a relatively new type of DDoS known as Tsunami SYN flood, but the attackers have shown some flexibility in their methods and adapted to changes pretty quickly.

The garbage traffic came from about a hundred thousand infected servers, most noticeably, in LeaseWeb B.V., Hetzner Online AG, PlusServer AG, NFOrce Entertainment BV, Amazon and Comcast networks. That said, the attack was distributed evenly across thousands of hosts and none contributed more than 5% of the total volume.

Fighting back would‘ve been a little easier, if the abuse departments in most of the mentioned companies didn’t process requests 9-5, Mon-Fri only. (Hours more befitting a scuba-diving shop in Vatican.)

Who's behind this?

Orchestrating a DDoS attack is a criminal offence in most countries and wouldn't bring good publicity to a company, so attackers usually hide their traces as best they can. It could be an angry government or an unhappy competitor.

By now we know that the attack was being coordinated from East Asia.

What's next?

Attacks on the scale of the one we were facing have become possible only recently and it‘s the first time we’ve met anything like this. But some of us have over 10 years of operating major web-services in Europe under our belts, so don't you worry!

We've managed to stay online for 95% of our users worldwide. And as for defending the affected 5%, we‘ve got quite a few surprises up our sleeve. But we’d rather not talk about them here, since the attackers are certainly reading this as well. (hi there! ;)

So while we can't really tell you any details, we have good reasons to hope that connection will be flawless as usual for 100% of our users again. Take heart and tell your friends. Our sysadmin cyborgs are working on this 24 hours a day.


July 13, 2015
The Telegram Team


다른 뉴스

제휴 프로그램, AI 기반 스티커 검색, 콜라주 등

오늘, 우리는 텔레그램의 콘텐츠 제작자와 미니 앱 개발자를 위한 흥미로운 소식을 전합니다. 제작자는 이제 자신의 노력을 수익화하고 별을 얻을 수 있는 간단한 방법을 가지게 되었으며, 미니 앱 개발자는 새로운 사용자를 유치할 수 있는 강력한 도구를 얻게 됩니다. 또한, 텔레그램 사용자는 이제 AI를 사용하여 스티커를 찾고…
12월 4, 2024

미니 앱 2.0: 전체 화면 모드, 홈 화면 아이콘, 지리적 위치 및 10가지 추가 기능

오늘 우리는 미니 앱 역사상 가장 큰 업데이트를 출시합니다. 미니 앱은 전체 화면 모드, 구독 계획, 홈 화면 바로가기, 선물 보내기, 미디어 공유, 문서 작성, 위치 정보 접근, 모션 트래커, 이모지 상태 설정 등을 지원합니다.
11월 17, 2024

개선된 비디오 및 그 외 다수

오늘 업데이트에서는 영상의 더 빠른 로딩, 더 나은 품질 및 새로운 속도 제어 기능, 마지막 편집 타임스탬프, 보낸 메시지에 미디어 첨부, 미니 앱의 증가된 제한, 개발자를 위한 새로운 수익화 옵션 등 다양한 기능이 추가되었습니다.
10월 31, 2024

선물, 검증 플랫폼 및 기타

사용자들은 이제 친구들에게 선물을 보낼 수 있습니다: 선물의 수신자는 자신의 프로필 페이지에 선물을 표시하거나 별로 전환할 수 있습니다. 추가로, 텔레그램은 기업들이 고객의 전화번호를 인증할 수 있는 플랫폼을 출시했습니다: 이 새로운 인증 플랫폼은 사용자가 텔레그램을 통해 코드를 받아 전화번호를 쉽게 확인할 수 있게 하며…
10월 5, 2024