手機通訊 App 林朗滿目，從大廠臉書到新創公司都有相關的 App，有幾款通訊 App 像是 Telegram 強調祕密通訊。最近幾天 Telegram 在東亞的用戶感覺連線狀況不佳，時常斷線。官方在推特帳號說他們被 DDoS 攻擊，而 CEO 的發言則語不驚人死不休的指出這次攻擊與競爭對手有關。





Telegram CEO Pavel Durov 指 Line 搞手段讓 Telegram 在 Google Play 被下架一陣子，報復 Telegram 的自訂貼圖功能，能夠直接將自己的小圖片加到 Telegram 裡，妝點對話。Line 的貼圖功能是其重要收入來源，有一些無視版權的使用者將 Line 上的貼圖，整批搬到 Telegram 使用，因此 LIne 公司不高興，讓 Telegram 在 Google Play 下架一陣子。


\


▲ Telegram CEO Pavel Durov 在推特上指 Line 母公司 Naver 跟這次 DDoS 有關



Telegram 在官方部落格發文，指出他們的亞太地區的伺服器遭到 DDoS 攻擊，造成東南亞、大洋洲以及澳洲的用戶受到影響。Telegram 說他們遭到 200 GB 的流量攻擊，流量來源遍佈各大平台，手法則是新型態的 DDoS 手法 Tsunami SYN flood。

Durov 在另一則推特貼文指出他們近兩個月用戶成長三倍，因此讓競爭對手嚇壞了。Telegram 的競爭對手出手打擊 Telegram 也不意外。

一般來說很難找到 DDoS 的攻擊發起者，攻擊者會盡可能隱藏其蹤跡。不過 Telegram 從各項跡象來看，指出攻擊者是從東亞一帶指揮疆屍電腦攻擊。



Telegram 用戶越來越多

去年十月南韓總統想要箝制批評她的聲音，打擊南韓流行的即時通訊軟體 Kakao 和 Line 上的不利言論，造成不少南韓人轉而使用保障通訊隱私的 Telegram。在香港先前則是議員 WhatsApp 通訊外洩，也造成不少人改用 Telegram。臺灣也有人不少使用 Telegram，從原來資訊科技愛好者圈子，變得越來越普及。




▲ Durov 被迫離開其創辦的社交網站 VK

講到 Pavel Durov，他曾是俄國最大社交網站 VK 的創辦人兼 CEO 。如今他致力確保人們祕密通訊的權利，離開俄國之後全心投入 Telegram 的開發。

http://technews.tw/2015/07/13/telegram-accused-the-competitor-from-south-korea-launched-the-ddos-attack/

[#bd202a]A DDoS in Asia Pacific[/#bd202a]

UPD: As of July, 13, ordinary service has been restored everywhere, except for mainland China.
Just in case you're not following us on Twitter, Telegram's Asia Pacific server cluster has been under a DDoS attack since morning on July, 10.

This means that if you live in South East Asia, Oceania, Australia or certain parts of India, you may have been experiencing slower connection speeds or no connection at all for several hours this past weekend.

What is this DDasdf thing?
DDoS stands for Distributed Denial of Service and means that a lot of computers start making requests to a server, so that the server is slowed down or stops responding. To put this into familiar terms, imagine a thousand people jamming themselves into a bus at 6 PM on a weekday. They get in, you don‘t and that’s all a DDoS attack is.

Unlike on the bus though, the people who are getting in your way don‘t even know they’re doing this. DDoS attacks are carried out by botnets — thousands of computers and servers that were turned into remotely controlled zombies by malware and viruses.

What exactly hit Telegram?
We've been hit with 200 Gbps of junk traffic, which feels roughly like having 200 billion very random people squeeze into your bus every second. For the most part, it was a relatively new type of DDoS known as Tsunami SYN flood, but the attackers have shown some flexibility in their methods and adapted to changes pretty quickly.

The garbage traffic came from about a hundred thousand infected servers, most noticeably, in LeaseWeb B.V., Hetzner Online AG, PlusServer AG, NFOrce Entertainment BV, Amazon and Comcast networks. That said, the attack was distributed evenly across thousands of hosts and none contributed more than 5% of the total volume.

Fighting back would‘ve been a little easier, if the abuse departments in most of the mentioned companies didn’t process requests 9-5, Mon-Fri only. (Hours more befitting a scuba-diving shop in Vatican.)

Who's behind this?
Orchestrating a DDoS attack is a criminal offence in most countries and wouldn't bring good publicity to a company, so attackers usually hide their traces as best they can. It could be an angry government or an unhappy competitor.

By now we know that the attack is being coordinated from East Asia.

What's next?
Attacks on the scale of the one we‘re facing today have become possible only recently and it’s the first time we‘ve met anything like this. But some of us have over 10 years of operating major web-services in Europe under our belts, so don’t you worry!

We've managed to stay online for 95% of our users worldwide. And as for defending the affected 5%, we‘ve got quite a few surprises up our sleeve. But we’d rather not talk about them here, since the attackers are certainly reading this as well. (hi there! ;)

So while we can't really tell you any details, we have good reasons to hope that connection will be flawless as usual for 100% of our users again. Take heart and tell your friends. Our sysadmin cyborgs are working on this 24 hours a day.


July 13, 2015
The Telegram Team

https://telegram.org/blog