Blender servers taken offline by major DDoS attack
Persistent attack against Blender has been ongoing for days
Blender, the company behind the popular eponymous 3D modeling design software, is under a heavy distributed denial of service (DDoS) attack that brought its website down.
In an announcement posted on the Blender website, company COO Francesco Siddi said that the attack started on November 18, and it’s been quite voluminous. There were more than 240 million fake requests aimed at the company’s servers.
It made a few changes in an attempt to mitigate the attack, but the results are still a mixed bag.
Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.
Preferred partner (What does this mean?)
Looking for the installer
First, the company tried to block certain IP addresses used in the attack, but that didn’t help much: "The administrators have been working on it non-stop. Attempts to block IP ranges from attackers did not work, as they quickly came back from other locations,” the announcement reads.
Then, four days into the attack, the team moved its main website to CloudFlare. This helped, to some extent, but still could not resolve the problem entirely. Parts of the website were still down, some users were forced to solve a bot-filtering “challenge” to enter, and visiting the homepage didn’t work unless users typed “www.blender.org” instead of just “blender.org”.
The announcement was updated late Wednesday night, saying “all blender.org sites are back online and operating normally.” However, another attack started in the meantime “but it’s being mitigated and should not be affecting the website experience.”
At press time, “blender.org” still returned a “page unavailable” error, while “www.blender.org” worked.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The identity of the attackers or their motives are currently unknown. No ransom demand was posted either.
DDoSing the main website could force users to look for the software suite elsewhere, which might put them at risk of malware, BleepingComputer suggests. Blender is used to create animated films, video games, graphics and visual effects, and similar: “If you're looking to get a Blender installer and the official site is down, you may always source a DRM-free version from Steam, which doesn't require Valve's client to run,” the publication added.
You can also find Blender on GitHub or on the Microsoft Apps Store.
More from TechRadar Pro
- US government, thousands of businesses now thought to have been affected by SolarWinds security attack
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.