THOUSANDS OF SMALL BUSINESSES continue to suffer intermittent outages of their websites in the crucial lead up to Christmas, after their provider Moonfruit took all sites offline yesterday.
A statement from the company at 1pm today said: "Our operations team is continuing to work on resolving the service issue. We are making progress but unable to provide specific details at this time. Once again, we're really sorry for the disruption. Your patience and understanding is very much appreciated."
A further update was scheduled for 3pm but had not materialised at the time of publication.
The identikit website creator made the unusual decision after facing a prolonged DDoS attack against its servers last Thursday from a hacking group calling itself Armada DDoS. The company is believed to have had renewed threats of further attacks and is still suffering a significant degradation of service.
The motives for the attack are currently unknown.
Moonfruit began restoring service this morning, but at 1pm many customers were still having problems, and the main Moonfruit site was offline.
Moonfruit is one of the oldest sites of its type, dating back to 2000. The British company was initially advertising-based and free before moving to a subscription model when the last bubble burst.
The whole system was based on Adobe Flash until recently, but has been adapted for HTML5, which represents an important step in its survival as more browsers stop rendering the ageing platform.
However, the company announced earlier today that it is taking all its sites offline for 12 hours after a sustained distributed denial-of-service (DDoS) attack on its servers.
Dave Larson, chief operating officer at Corero Network Security, said: "Unfortunately, the sheer size and scale of hosting or data centre operator network infrastructures and their massive customer base presents an incredibly attractive attack surface due to the multiple entry points and significant aggregate bandwidth that acts as a conduit for a damaging and disruptive DDoS attack.
"As enterprises of all sizes increasingly rely on hosted critical infrastructure or services, they are placing themselves at even greater risk from these devastating DDoS attacks, even as an indirect target."
DDos attacks grew by a third in just the past quarter. A Swedish bank was brought down last month, while GitHub was taken offline earlier in the year by an attack thought to have originated in China.
Moonfruit customers have expressed their anger at the short notice and timing of the outage. Many are obviously concerned about potential loss of sales in the run up to Christmas, but Moonfruit maintained that the downtime is necessary to make "infrastructure changes".
"We have been working with law enforcement agencies regarding this matter and have spared no time or expense in ensuring we complete the work as quickly as possible," said the company's director, Matt Casey, in a statement posted to the Moonfruit Facebook page.
The Moonfruit site, which is built on its own platform is back up and running. A further statement from Moonfruit last night said, "We know how painful this has been for you and your business. We have used the time well and our defenses have improved substantially. Thank you for your patience and support throughout this crisis. We are nearly there and hope to fully restore service by early evening.
As always, we care about the Moonfruit Community and will keep you informed. You have no idea how much the messages of support have meant as we've burned the midnight oil over the weekend to put things right, and to better position you for the future." µ
It's the week in Google news
Erik Estrada wouldn't have stood for this
Hacks in support of WikiLeaks founder target gov websites