Dev.ua is under a DDoS attack; editors suggest Russian involvement

On May 14, the website of the online media outlet dev.ua suffered an intense DDoS attack, which led to temporary problems in the website's functioning. The editors assume that the attack could have been orchestrated from Russia, reports dev.ua chief editor Stas Yurasov to AIN.UA.

According to him, the attack occurred after they switched of the Cloudflare protection, as the service had decided to continue working in Russia in 2022.

Yurasov explained that they decided to disable the service because one of the IP addresses in the Cloudflare pool was blocked in Ukraine for being used by Russian torrent networks.

Immediately after Cloudflare was shut down, the portal was targeted by a DDoS attack – 240 million requests in three hours.

The site was stabilized for a while after the team reactivated Cloudflare and stepped up anti-bot defense. However, the attackers launched a new attack, this time on the host's IP address, resulting in it being blocked.

The attackers also tried to discredit dev.ua with links to PornHub and dubious resources. Now the dev.ua website is stable.

The reasons for the attack are still unclear, but dev.ua suggests that it could have been orchestrated from Russia and, based on their previous experience with cyberattacks, may be related to their recent reporting such as an interview with the deputy head of the National Security and Defense Council, Serhiy Demedyuk, where he talked about Telegram and called Pavel Durov an agent of the Russian special services.

On May 14, Hromadske Radio reported that they were fighting back a DDoS attack that had started on the night of May 12. It occurred in two waves and reached 84.22 million requests at its peak.