Whirlpool DDoS attacks to be reported to police

Australian broadband forum Whirlpool was today hit with a distributed denial of service attack, the second day in a row the popular site was attacked.

The site that was down for much of yesterday morning due to a DDoS attack from IP addresses in Denmark and the US was attacked again from multiple international addresses at 10pm last night and remains crippled this morning.

The site's founder expects it to be out of action for much of the day.

UPDATE: Whirlpool came back online just after 6pm.

Lorenzo Modesto, chief operating officer at Whirlpool's hosting provider Bulletproof Networks, said the offending IP addresses were blocked within 20 minutes of the second attack starting. He said he has enough data on the attacks to pass on a solid lead to the Australian Federal Police.

"As a result of the latest Distributed Denial of Service attack, which started at approximately 9.40pm on Tuesday the 29th of June, Bulletproof Networks and Whirlpool will be reporting the recent DDoS activity targeting Whirlpool to the Australian Federal Police as defined under Commonwealth legislation within Part 10.7 - Computer Offences of the Criminal Code Act 1995, including denial of service attacks and distributed denial of service attacks using botnets," Bulletproof told iTnews in a statement.

"All relevant information gathered to date, including all documented source IP addresses, the identified platform (mostly Plesk) and the vulnerability, as well as all important forensic data gathered from some compromised servers that have been preserved as a crime scene following the attacks, will be passed on to the relevant authorities so that they can formalise the matter and follow the relevant processes."

The NSW Police will be first to receive the matter.

"As each state and territory in Australia has its own legislated computer-related offences which are similar to the Commonwealth legislation, the matter will be reported to the NSW Police to then escalate to the AFP."

Modesto told iTnews that Bulletproof can't afford for the attack to distract the company from customers such as BlueScope Steel, Borders and DMG Radio.

In a swipe at the Federal Government he said it should focus on such attacks instead of internet filters: "It would be great if there were a Government initiative that effectively assisted with this type of event rather than everyone's favourite spams or scams, but unfortunately it won't so they've got to be dealt with through the proper process and with the relevant authorities [police]".

Yesterday, Modesto joked that "20,000 spams and scams coming through the portal" were responsible for the outage.

In a humorous aside last night, Whirlpool founder Simon Wright tweeted that "someone out there doesn't want geeks to talk about stuff! What an evil villain. Somebody call Batman."