Dreamhost is under DDoS Attack


Earlier, we were unable to published the post here because at its current incarnation, 37prime is hosted by Dreamhost. We posted one at our WordPress.com-hosted blog.

From @Dreamhost:

“Our engineers have identified the cause of the DNS degradation as a Distributed Denial of Service (DDoS) attack. dreamhoststatus.com

Dreamhost is currently in the news as the Department of Justice “demands that DreamHost hand over 1.3 million visitor IP addresses” for a site hosted by the company.

Wordfence chimed in:

The DDoS appears to be unrelated to the DoJ request above. It looks like it may be an Anonymous attack targeting the Dreamhost DNS to try to take a white supremacist website called ‘punishedstormer dot com’ offline. The website came online today and is hosted at Dreamhost.

We will closely follow this news.

Dreamhost forces password reset due to security issue.

Security advisory from Dreamhost from January 20th, 2012: Changing Shell/FTP Passwords due to Security Issue

Last night we detected some unauthorized activity within one of our databases. While we don’t have evidence that customer passwords were taken at this time, we’re forcing a change out of caution.

If you are Dreamhost customer, you should change your password on the side of caution.

On related note, Dreamhost apparently saves password in clear text.