Gobi Singapore Email Server Attacked by Cybercriminals using Hitwheeste DDos
The website gobi.com.sg, a cake shop in Singapore, had their email server taken down by a Hitwheeste DDoS attack. Cybercriminals behind the attack sent out thousands of emails and spoofed those emails to make them appears as if they were sent from info@gobi.com.sg. This means the emails were sent from the cybercriminals' email servers, but they changed the "From" address to make them appear as if they came from "info@gobi.com.sg".
Now, a lot of the emails bounced or failed to reach the recipients, thereby causing thousands of returned emails to be sent back to gobi.com.sg's email server, although they didn't send the emails in the first place.
What is a DDoS Attack?
A Distributed Denial of Service (DDoS) attack is a cyber-attack in which cybercriminals seek to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.
What is Email Spoofing?
E-mail Spoofing is the process of changing the sender's email address, name and other routing information of an e-mail message, to make the e-mail appear as if it came from someone else. So, although an email message may have appeared as if it came from someone or has that person's e-mail address in the "From" address line, it doesn't mean it was sent by that person.
Click here to learn more about email spoofing.
When contacted gobi.com.sg was able to provide the following information:
- "You received an email from this address info@gobi.com.sg. It's our email address but we didn't send it. We are a cake shop in Singapore. Our email was spoofed (faked) by this IP address: 172.93.148.217 operated by Proximum. The email is a phish. Please don't enter any of your information."
- gobi.com.sg website was recently brought down by the Hitwheeste DDos. We will take every opportunity to find the source of the DDos attack. We would appreciate if you could help us look into this.
Check the comment section for additional information, or share what you know or ask a question about this article, by clicking the 'View or Write Comment' button below.
Note: Some of the information in samples on this website may have been impersonated or spoofed.