VICTIM OF DDOS ATTACK – KIDNAPPED BY HOSTING PROVIDER

When Qurium, on behalf of the victim opened a support ticket with Name.come, the support recommend the victim to migrate to a third part vendor, and ignored to discuss the facts around the incident.

Name.com suspends and locks down account of independent media suffering
DDoS attack

Last week, yet another independent media outlet in Azerbaijan became
target of a DDoS attack after reporting on SOCAR, the State Oil Company
of Azerbaijan. The attack raises once again the issue of government
abuse against activists and journalists on the Internet in Azerbaijan.
However, this time we have a new actor involved, that is not playing in
favor for its own customer.  Name.com, a hosting and domain provider,
hijacked the content of the attacked website by suspending and locking
down the account without any explanation.

On July 18, the independent news site Azerbaycansaati.tv, hosted by
Name.come,  came under DDoS attack which lasted for two days. The site
was quickly null-routed by the hosting provider and 24h later, the
domain name, also managed by Name.com, did not resolve.

The attack began when Azerbaycansaati.tv published a story about SOCAR,
the State Oil Company of Azerbaijan. The attack was similar to other
attacks launched against independent media in Azerbaijan in the past,
which Qurium Media Foundation has investigated and attributed to
governmental infrastructures:
https://www.qurium.org/alerts/azerbaijan/azerbaijan-and-the-region40-ddos-service.

Once the news site went offline, the director of Azerbaycansaati.tv
reached out to Name.com to bring back the site. However, Name.com
responded by suspending the account, locking down the control panel, and
not providing any reason for their actions. The response read:

“Thank you for your response. Due to the nature of your suspension, we
cannot re-enable cPanel for you.”

When Qurium, on behalf of the victim opened a support ticket with
Name.come, the support recommend the victim to migrate to a third part
vendor, and ignored to discuss the facts around the incident.

After Qurium’s intervention, the site has been recovered and brought
back online after migration to Virtualroad.org.  The case is summarized
in the report “DDOS: the inconvenient business visitor of Name.com”.

The questions we want to raise is, why are victims of DDoS attacks
treated like criminals by many hosting provider? What is the
responsibility of the hosting provider when a paying client comes under
attack?

Please do not hesitate to reach out if you need more information,

Clara Zid