A DDoS in Asia Pacific

UPD: As of July, 13, ordinary service has been restored everywhere, except for mainland China.

Just in case you're not following us on Twitter, Telegram's Asia Pacific server cluster has been under a DDoS attack since morning on July, 10.

This means that if you live in South East Asia, Oceania, Australia or certain parts of India, you may have been experiencing slower connection speeds or no connection at all for several hours that weekend.

What is this DDasdf thing?

DDoS stands for Distributed Denial of Service and means that a lot of computers start making requests to a server, so that the server is slowed down or stops responding. To put this into familiar terms, imagine a thousand people jamming themselves into a bus at 6 PM on a weekday. They get in, you don‘t and that’s all a DDoS attack is.

Unlike on the bus though, the people who are getting in your way don‘t even know they’re doing this. DDoS attacks are carried out by botnets — thousands of computers and servers that were turned into remotely controlled zombies by malware and viruses.

What exactly hit Telegram?

We've been hit with 200 Gbps of junk traffic, which feels roughly like having 200 billion very random people squeeze into your bus every second. For the most part, it was a relatively new type of DDoS known as Tsunami SYN flood, but the attackers have shown some flexibility in their methods and adapted to changes pretty quickly.

The garbage traffic came from about a hundred thousand infected servers, most noticeably, in LeaseWeb B.V., Hetzner Online AG, PlusServer AG, NFOrce Entertainment BV, Amazon and Comcast networks. That said, the attack was distributed evenly across thousands of hosts and none contributed more than 5% of the total volume.

Fighting back would‘ve been a little easier, if the abuse departments in most of the mentioned companies didn’t process requests 9-5, Mon-Fri only. (Hours more befitting a scuba-diving shop in Vatican.)

Who's behind this?

Orchestrating a DDoS attack is a criminal offence in most countries and wouldn't bring good publicity to a company, so attackers usually hide their traces as best they can. It could be an angry government or an unhappy competitor.

By now we know that the attack was being coordinated from East Asia.

What's next?

Attacks on the scale of the one we were facing have become possible only recently and it‘s the first time we’ve met anything like this. But some of us have over 10 years of operating major web-services in Europe under our belts, so don't you worry!

We've managed to stay online for 95% of our users worldwide. And as for defending the affected 5%, we‘ve got quite a few surprises up our sleeve. But we’d rather not talk about them here, since the attackers are certainly reading this as well. (hi there! ;)

So while we can't really tell you any details, we have good reasons to hope that connection will be flawless as usual for 100% of our users again. Take heart and tell your friends. Our sysadmin cyborgs are working on this 24 hours a day.


July 13, 2015
The Telegram Team


다른 뉴스

체크리스트, 추천 게시물 및 채널을 위한 추가 수익화 옵션

오늘 업데이트에서는 팀과 개인이 텔레그램을 떠나지 않고도 작업을 추적할 수 있도록 돕는 체크리스트가 도입되었습니다. 또한 추천 게시물 기능이 추가되어, 채널과의 파트너십 및 프로모션을 안전하고 쉽게 조직할 수 있으며, 크리에이터가 콘텐츠를 크라우드소싱하고 수익화할 수 있는 새로운 기회를 열어줍니다.
7월 1, 2025

채널용 다이렉트 메시지, 음성 트리밍, 주제 탭 및 HD 사진

오늘 업데이트에서는 사용자가 좋아하는 채널과 대화를 시작하는 새로운 방법, 주제를 더 효율적으로 탐색하는 기능, 음성 메시지를 보내기 전에 다듬는 기능, 더 높은 화질로 사진을 보내는 기능 등 다양한 기능이 추가되었습니다.
6월 3, 2025

기프트 마켓플레이스, 여러 스토리 한 번에 게시, 채널 자동 번역

텔레그램의 두 번째 주요 업데이트가 단 7일 만에 출시되었습니다! 이제 새로운 마켓플레이스에서 수집용 선물을 안전하게 사고팔 수 있습니다. 스토리 에디터를 사용하면 여러 개의 스토리를 한 번에 게시하거나 긴 동영상을 여러 개의 스토리로 나눌 수 있습니다. 채널은 자동 번역을 활성화하여 모든 사용자가 자신의 언어로 게시물을…
5월 8, 2025

더욱 안전한 그룹 통화, 자동 계정 등

오늘 업데이트에서는 매우 안전하고 사용하기 쉬운 그룹 통화를 도입합니다. 또한 텔레그램 비즈니스 계정에 대한 완전 자동화를 가능하게 하는 주요 업그레이드를 출시하고, 선물 사용자에 대한 새로운 옵션, 계정 제한에 대한 이의 제기를 더 간단하게 하는 방법 등을 제공합니다.
4월 30, 2025