This month, we’ve seen waves of attacks by (what appear to be) bots testing stolen credit card numbers on the service. It started around the 4th, which we were able to stop relatively easy. The attackers gave up for a bit, then picked it up again this past Sunday with new tactics that caused some intermittent downtime.
Dealing with this has occupied most of my week, as we close / open registrations, and keep up with the attackers’ shifting tactics. But with the work I’ll be finishing up this weekend, the service should be much more resilient towards these types of attacks.
Thoughts? Discuss...