We hope that the information shared in this article may be useful to VPN service providers and online services. We have tried to fill it in with as much detail as possible to provide a better picture of this issue. If you have been targeted by the same type of attack and need advice, please do not hesitate to contact us. We'll be happy to share our knowledge.
The VPN has been the target of DDoS attacks countless times in the past, but a couple of weeks ago we noticed something different and new to us.
Another botnet, which usually targets our customer management system, has now changed its attack direction to our API. A quick look at this showed that it was a credentialing exercise. Someone was using a collection of previously stolen credentials to try and verify them in our user base.
The VPN is primarily immune to this attack vector, as we generate a unique username for each new user.