Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Shells Virtual Desktop
BMail.ag - Secure Email Service
Server.net
CPLicense.net
VPS Server
Buy VPN
Vultr
VMs for AI
HostDare
ReliableSite White-Label Dedicated Hosting for Resellers
InterServer VPS
BMail.ag - Secure Email Service
Best VPN
High-Performance Bare Metal Server Solutions
Karvl.com
Server Mania Cloud Hosting
DataWagon Hosting
AlphaVPS Hosting
Evoxt.com
Clouvider
VPS Hosting with NVMe
Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth
ReliableSite White-Label Dedicated Hosting for Resellers
Rabisu - Hosting Solutions
Shells Virtual Desktop

Categories

In this Discussion

Home Providers Outages
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

neoprotect down due to DDoS and CDN77 / Datapacket has deactivated all BGP sessions

FubukiboxFubukibox Member
in Outages

Neoprotect got DDoSed that all ipv4/ipv6 is delisted from bgp. Anyone else vps/vds is offline?

https://neoprotect.statuspage.io/incidents/kdmtx0wk3h1l

Global outage

Update - Our Upstream CDN77 / Datapacket has deactivated all BGP sessions towards our network. This results in full downtime of all associated services such as all Remote Shield customers (aside from XC customers in AMS).
The ETR given by them at this time is "tomorrow", we are trying to get this reconsidered but we do not estimate for reconsideration to happen in our favor.

The root cause for this to happen was an attack targeted towards many prefixes announced by us that reached many Terabits and continued for over 20 minutes. The attack started at 2025-10-30 21:12:40 CEST with first BGP sessions being deactivated at 2025-10-30 21:30:00 CEST. All sessions were down/no traffic was visible anymore as of 2025-10-30 21:36:40 CEST.
The cause of this was not of any other nature.

Game Shield customers were only shortly affected and only Bedrock Ports are currently affected and will be restored ASAP over alternative infrastructure.
On Premise customers are unaffected.

Game Shield Java connections are currently resolved. We have purchased capacity for additional 20k concurrent players elsewhere to handle the peak load expected. Customers with dedicated bedrock ports may contact us, including "Bedrock port" in their request, preferably ticket title to be worked on in a fast manner so Bedrock connections are turned up again.

We understand the severity and impact this has on our customers and their business. We deeply regret this action being done and will ensure to share updates as available and will follow up with more details and background tomorrow.
Oct 30, 2025 - 21:26 UTC
Update - There is a major outage ongoing of our entire network, Game Shield is being re-routed to alternative infrastructure. We will provide updates as available. There is no ETR at this time.
Oct 30, 2025 - 20:41 UTC
Update - The following shall aid to provide a sufficient overview of the current situation and the work done by NeoProtect.

Notice: Game Shield Customers may update their firewalls to reflect all currently listed IPs here: https://api.neoprotect.net/v2/public/servers/txt .

What happened?

Our network, that being multiple customers at the same time, was within the target scope of a major scale DDoS attack connected to the Aisuru botnet. We faced a total of 5 different attack vectors, each seen in different scale over time and reaching up to many Terabits per Second. 
While the actual total peak size is not known, we estimate it to be at around 10-20 Tbit/s peak for one of those vectors.
Certain vectors unfortunately impacted several customers in varying locations, in multiple ways, resulting in frequent degraded service quality for ~60 seconds each.

This attack landscape is challenging for almost all networks targeted by this, as well due to the sole origin of malicious traffic being primarily from residential sources all around the world, with the U.S. being the most prominent source of origin.

When was impact noticed?

The primary impact started at 2025-10-24 21:52:40 CEST and issues occurred frequently until 2025-10-24 23:52:50 CEST. A second primary impact was noticed at 2025-10-25 20:58:42 CEST with no frequent recurrance seen.
Isolated customer impact was bespoken with those impacted and minimized wherever possible and sufficient information given.


We are working hard to address and minimize impact globally and have achieved success in doing so with the majority of vectors, with however one vector stil challenging parts of our infrastructure.  
Main pain points are certain path's congesting during said attacks while overall capacity is handled in a proper manner. We are in close communication with CDN77 engineers to optimize this and are working to gain further insights resulting in accurracy while pinpointing impact paths.

Along with that, we have also made further progress on offloading implementations of ddos mitigation algorithms to ASICs, the way, speed and accurracy of safeguard systems acting as well as traffic steering and congestion control globally.
We are also in talks with multiple potential upstream providers as well with different lead times in terms of implementation to evaluate standing as we are.

Our main goal at NeoProtect was and has always been to provide technological excellence, optimal approaches to problems and a generally better and easier protection outcome for each and every user. The issues here however do not relate to technological capabilities of our software and/or hardware implementations, but solely the scale of operation. 

We apologize for the impact these incidents caused and appreciate your understanding that we are working hard towards resolvement.
Our customer support and engineering appreciates impact details if any are or were noticed and specifically in regards to geographical scope, destination IP impacted and similar useful information.
Thank you in advance for your cooperation in aiding to resolve this matter quicker.
Oct 26, 2025 - 02:04 UTC
Investigating - We are investigating this issue since 2025-10-24 21:52:40 CEST. We will provide updates here as we have more information to share.

The issue occurs frequently for ~60 seconds each.
Our team is working hard to find alternate solutions to address this asap and wants to thank you for your understanding and patience in the meantime.
Oct 24, 2025 - 21:16 UTC
Thanked by 4oloke Alyx cainyxues nekomikoreimu
«1345

Comments

Sign In or Register to comment.