Encrypted Email Firm ProtonMail Pays Ransom to Hackers After Massive DDoS Attack

ProtonMail, an encrypted email provider, has been coerced into forking over 15 bitcoin (the equivalent of $6000) by hackers who targeted the provider with a sustained DDoS attack that started on Nov. 3.

A recent report pegged 2016 as the year of online extortion, but that time may have come a bit sooner than predicted.

ProtonMail was launched by researchers at the CERN lab in Switzerland and MIT, marketing itself as an “NSA-proof” email solution with the simplicity of Gmail, according to a report by Forbes. It raised more than $500,000 in crowdfunding and released its Android and iPhone apps this summer. ProtonMail had planned to open up general availability later this month.

In a blog post ProtonMail described the attack as “quite unprecedented in size and scope.” The initial attackers, a group of cybercriminals working out of Switzerland, used “an unprecedented level of sophistication.”

ProtonMail provides a detailed recount of the attack on the blog it had to set up to communicate with customers. It believes that the attacks were actually launched by two separate groups; the group who extorted ProtonMail launched the first attack, but the second attack was much more sophisticated.

ProtonMail and the investigating authorities believe that the second attack exhibited “capabilities more commonly possessed by state-sponsored actors.”

The attackers targeted the infrastructure of its upstream providers and data center, exceeding 100Gbps and attacking the data center and routers in Zurich, Frankfurt and other node locations of its ISP. The attack “impacted hundreds of other companies, not just ProtonMail,” according to the blog post.

ProtonMail told Forbes that it received pressure from its ISP and data center provider because “the collateral damage was just too much for them” – something that ProtonMail co-founder Andy Yen said he doesn’t “blame them” for.

As a result, ProtonMail is relying on crowdfunding to help cover the cost of the DDoS protection. The campaign, created on GoFundMe on Thursday, has raised $5,291 of its $50,000 goal in the first four hours of its campaign.