DDoS attacks

Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started on Saturday.

Blender is a popular 3D design suite for creating animated films, video games, motion graphics, visual effects, soft body and particle simulation, and many more.

The project's team says the attacks started over the weekend, rendering them unable to process legitimate connection requests, causing a severe disruption to operations.

"Since last Saturday, 18 November, the blender.org servers are under a DDoS attack; bringing down our servers by overloading them with requests," reads the announcement.

"The administrators have been working on it non-stop. Attempts to block IP ranges from attackers did not work, as they quickly came back from other locations."

Even in the short periods during which the attackers paused the attacks, Blender's infrastructure remained overloaded by large volumes of pending legitimate requests, making it hard for their servers to catch up.

Eventually, after four days of continual problems, the team moved its main website to CloudFlare today, which they say helped reduce the impact of the attacks.

Stats shared by Blender's COO, Francesco Siddi, on X, show that the attacks are ongoing, counting over 240 million bogus requests directed at the project's servers.

Tweet

Blender warns that the following problems may persist when attempting to use their services and sites:

  • Accessing the site requires solving a bot-filtering "challenge" for some users.
  • The "blender.org" may still be inaccessible for technical reasons, but "www.blender.org" works.
  • Websites that host Blender's code, developer documents, devtalk, the wiki, and the download portal are still unavailable.

The threat actors responsible for the attacks on Blender and their motives are currently unknown.

In case disruptions return in the next couple of days, it is important to note that downloading Blender from third-party sites or promoted results on Google Search can lead to malware infections.

If you're looking to get a Blender installer and the official site is down, you may always source a DRM-free version from Steam, which doesn't require Valve's client to run.

Blender is also available through GitHub, while Windows users can also get it directly from the Microsoft Apps Store.

Related Articles:

Japan warns of malicious PyPi packages created by North Korean hackers

No, 3 million electric toothbrushes were not used in a DDoS attack

PurpleFox malware infects thousands of computers in Ukraine