1 comment

[ 2.6 ms ] story [ 15.6 ms ] thread
Apparently it is fairly trivial to DDoS a Gmail account's inbox. An attacker completely shut off my (and several other developers') incoming email for 3 days and counting. The attack is apparently using a script to register me to tons of WordPress sites. The deluge of spam is tripping Gmail's daily incoming email limit, which causes incoming emails to bounce.

This attacker is targeting contributors to an open source software project (CTFd [0]) that is focused on promoting computer security.

Other gmail forum posts indicate that the same attack has been used in the past to silence suspicious activity notifications while attacking a secondary account.

[0]: https://github.com/CTFd/CTFd