New DDoS Attack Friday

We are currently being attacked again, and are working with our partners to deflect the attack. At the moment our email services are inaccessible.

We greatly appreciate your support and will do everything we can to resume normal operations.

If you can’t reach our regular websites, please see and for updates.

UPDATE 18:30 CET: We are partly back online after putting in place new countermeasures.

UPDATE 19:15 CET: Our email services are currently inaccessible and we are working to mitigate the attacks.

UPDATE 19:25 CET: Email services partly online again.

UPDATE 19:50 CET: Some of our customers will have intermittent access while we implement various measures. We can’t provide any details about these, but it’s a fairly busy day at Runbox. We greatly appreciate your understanding and support while we fend off these attacks.

UPDATE 23:26 CET: We are starting to open up services again for the time being. There will be an incoming mail queue. Thanks again for your understanding.

UPDATE 00:13 CET: Services are returning to normal now. There will be an incoming mail queue for a while. Thanks again for your patience and understanding.

UPDATE 01:46 CET: Services are continuing to return to normal now. There will be incoming mail delays for a while as external mail servers that tried to deliver mail earlier try again. Thanks once more for your patience and understanding during the last few hours.

UPDATE 08:45 CET: Services are currently running normally.

32 thoughts on “New DDoS Attack Friday”

  1. Fully support how you’re dealing with these atrocious attacks, even if it means being without email for a while – don’t give in to the bastards.

  2. Damn it I have accounts in both vfemail & runbox and both are affected. Is it the same bastards? Can anything be done?

  3. It seems like Hushmail and ProtonMail, only to name these, are currently experiencing the same DDoS attacks, and have been targets over the past days.

    It would be interesting to investigate, during the next “cyber-ceasefire”, on whether only small, independent and security-oriented e-mail providers were targeted, or if standard and larger providers were also attacked these days.

    Were you and your partners able you trace back the country of origin of past days assaults?

    In any case, I wish you the best of luck countering this. You provide an excellent service year-long, keep up the good work!


  4. I’m a relatively new user of Runbox, and wanted to ask you something.

    Does the DDoS attack merely mean that sent email, or email sent to me, will simply be delayed in arriving?

    I’m concerned that messages I send or which are sent to me, might disappear.

    I wish you every success in permanently fortifying your system against such attacks, in the interests of your customers.

  5. i really appreciate the status updates as i am working on a project that is also having a crisis myself and these update have enabled me to retrieve information i needed so i could continue working using an alternate server.
    i agree. you can’t give in. next time they will want more money and it only empowers them to attack other people.
    thanks for being such a good service.

  6. Tony, these attacks should not impact your incoming or outgoing email. These will be delivered when the attacks stop. The incoming mail might fail to be delivered if the DDoS persists for a long time, a week or so – which is rarely the case.

  7. Dear Runbox team

    I have been a customer for 7 years you provide a great service and therefore have loyal customers – you will be successful in beating this off

    best wishes


  8. How will you let us know that you have solved the problems? Do you have alternative email addresses for your customers? I do need my email, but support your efforts to not give into these criminals.

  9. interestingly enough, it is my laptop that is down. i can access the email on my tablet using the android email client.
    don’t know if that helps any

  10. Marsha: We will update you here. Your problem is lack of incoming email or not being able to log on to your email?

    Elizabeth: That can happen depending on the settings used. But there will not be new incoming email, even if you can access your email, right now.

  11. Damn, had to reinstall windows today, so i need to verify my account via email to access my steam account again. Agreed to play with some friends today ;_;

    But anyway, since that didnt work I went out in real life agiann today 😉 thanks hackers 😛

  12. Nick: Due to the nature of the attacks (distributed and using compromised computers) it’s very difficult to trace them.

    Thank you for your support!

  13. Vfemail’s host has abandon them. Its going to have some tough time for the near future according to their site. Did I read correctly that protonmail may have paid the blackmail?

  14. Thanks to everyone at Runbox! We really appreciate your efforts and for keeping us posted. Runbox’s philosophy and security stance are a large part of why we subscribe and will continue to do so.

  15. Agree with Jane, Björn, simon and others – your customers appreciate what you do for us. Keep strong. We’re with you.


  16. I have both hushmail and proton…neither gave updates like this site.

    Hushmail came back, but now intros with CloudFlare which I’ve never seen (apparently an umbrella secure site which such email servers subscribe to.) I changed my p/w immed on login

    I can’t obtain access to proton (Sat. midnite since 9 am EST)–thankfully just started a month ago and was planning on migrating emails to there. Dead white space. –rethinking THAT.

    Wonder if it is a coordinated US (pick three letters) attack to keep everyone unsecure for continued infiltration and access.

  17. Well done, Runbox! Kudos to you and your ISP and hosting partners for standing against the DDoSers. You didn’t pay and you won in every aspect. You also helped others by preventing the group from getting more funds to run even more attacks to get funds to run even more attacks. ProtonMail did pay and they effectively funded the continued attack against themselves and a new attack against Runbox.
    You’re rocking Runbox!

  18. R: Hushmail decided to go to CloudFlare to get protection and I can understand them as it is a easy way out of the problems.

    For us that was not a option for privacy reasons. Using CloudFlare means that all traffic to our services would go to CloudFlare before they go to us. That is not what our users want.

    nobody: We also worked hard to alert the ISPs of the nodes that was being used in the attacks. I dont know if the others that were affected did this. They might have.

  19. Greetings,

    Thanks very much for all your updates thus-far on the situation. I’m aware from the press the stress this is causing to you and the rest of the team at Runbox. However I can only try to imagine ferocity of the situation.

    Thank you very much for not paying for the service of these bastards. Keep your head and please stay focused and continue to provide the excellent service you provide us. As a good man once said Don’t let the bastards get you down!

  20. Thanks Kim…I will use Hushmail as a “public” server. and not post anything there of a private nature…I think once out of this mess, I will give Runbox a serious look…more caring than most

    TO “Nobody”: How you find this out about Proton? I looked everywhere


  21. Nobody et al…I found Proton news via privacy search engine Ixquick

    Proton using WordPress blog to highlight chronology of events, lessons for all of us. They suffered through 2 events, paying $6K via Bitcoin for first wave of flooding attack. P said it needed to pay since $100hundreds losses were impacted by its customers.

    Second wave, however, was considered “state-sponsored,” with heavy backing by those against encryption as a policy or as a right of freedom. Supposedly, these backers did not like the usage of VPNs.

    P planning on coming on line next week or so…major rehabilitation of its network

    Will I go back, probably not…state-sponsored will never tire of the intrusions

    why don’t they just go away and leave us alone, versus wasting tax dollars to investigate nonsense…

  22. I am so sorry this is happening to Runbox. I can only imagine the work hours that have gone into trying to keep things running.

    Runbox has been an excellent support to me. Always on top of everything! Quick and patient to explain or fix whatever I’ve needed.

    Thank you for keeping me informed and thank you for your excellent service! Why would I ever want any other e-mail service!

Leave a Reply

Your email address will not be published. Required fields are marked *