In an announcement posted on the Blender website, company COO Francesco Siddi said that the attack started on November 18, and it’s been quite voluminous. There were more than 240 million fake requests aimed at the company’s servers.
It made a few changes in an attempt to mitigate the attack, but the results are still a mixed bag.
Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.
Preferred partner (What does this mean?)
Looking for the installer
First, the company tried to block certain IP addresses used in the attack, but that didn’t help much: "The administrators have been working on it non-stop. Attempts to block IP ranges from attackers did not work, as they quickly came back from other locations,” the announcement reads.
Then, four days into the attack, the team moved its main website to CloudFlare. This helped, to some extent, but still could not resolve the problem entirely. Parts of the website were still down, some users were forced to solve a bot-filtering “challenge” to enter, and visiting the homepage didn’t work unless users typed “www.blender.org” instead of just “blender.org”.
The announcement was updated late Wednesday night, saying “all blender.org sites are back online and operating normally.” However, another attack started in the meantime “but it’s being mitigated and should not be affecting the website experience.”
At press time, “blender.org” still returned a “page unavailable” error, while “www.blender.org” worked.
The identity of the attackers or their motives are currently unknown. No ransom demand was posted either.
DDoSing the main website could force users to look for the software suite elsewhere, which might put them at risk of malware, BleepingComputer suggests. Blender is used to create animated films, video games, graphics and visual effects, and similar: “If you're looking to get a Blender installer and the official site is down, you may always source a DRM-free version from Steam, which doesn't require Valve's client to run,” the publication added.
You can also find Blender on GitHub or on the Microsoft Apps Store.
More from TechRadar Pro
- US government, thousands of businesses now thought to have been affected by SolarWinds security attack
- Here's a list of the best firewalls around today
- These are the best endpoint security tools right now