Those of you attempting to make some new friends via Meetup.com might end up hanging out alone for the time being.

The social networking site was battling a massive cyberattack over the weekend and on Monday against hackers who are demanding $300 to call off the assault, which has kept the site offline for much of the past four days. As of Monday afternoon, Meetup.com could not be accessed.

In a blog post published Sunday, Meetup co-founder and CEO Scott Heiferman said the site has been fighting a "massive" distributed denial of service (DDoS) campaign against its servers. Such attacks aim to disrupt a target's online business or knock its website offline, by overloading its servers with more traffic than they can handle.

The problem started on Thursday morning when Heiferman received an email warning him that an attack was on the way. "A competitor asked me to perform a DDoS attack on your website. I can stop the attack for $300 USD. Let me know if you are interested in my offer," the email read, according to Heiferman.

The attack began simultaneously. Meetup's servers were quickly overwhelmed with traffic and its services went down. The company's security team quickly got to work mitigating the attack, but the site remained unavailable for almost a full 24 hours.

Shortly after everything was cleared up, the attackers struck again. Meetup's engineering team then implemented a new solution and got the site and apps back up and running. Then, the attackers launched another "strong attack," the company reported, taking Meetup.com down for a third time.

"While we're confident that we're taking all the necessary steps to protect against the threat, it's possible that we'll face outages in the days ahead," Heiferman wrote.

Some might wonder, though, why not just pay the $300? Heiferman's answer was four-fold, starting with a decision not to negotiate with criminals.

Secondly, "the extortion dollar amount suggests this to be the work of amateurs, but the attack is sophisticated," he said. "We believe this lowball amount is a trick to see if we are the kind of target who would pay." Plus, paying could make the company a target for further extortion demands and, finally, Meetup is "confident" it can ward off such attacks, even if it takes time.

"YOU CAN COUNT ON MEETUP to be stable and reliable soon. We'll continue to work diligently to restore the site and the apps, to bring back all features, and to minimize the effects of the service outages," he concluded.

Meanwhile, DDoS attacks are getting more sophisticated. Web security company CloudFlare last month disclosed a massive DDoS attack, which peaked yesterday "just shy" of 400 gigabits per second, making it the largest-ever such assault.

Further Reading

Software & Service Reviews