Our Upstream CDN77 / Datapacket has deactivated all BGP sessions towards our network. This results in full downtime of all associated services such as all Remote Shield customers (aside from XC customers in AMS). The ETR given by them at this time is "tomorrow", we are trying to get this reconsidered but we do not estimate for reconsideration to happen in our favor.
The root cause for this to happen was an attack targeted towards many prefixes announced by us that reached many Terabits and continued for over 20 minutes. The attack started at 2025-10-30 21:12:40 CEST with first BGP sessions being deactivated at 2025-10-30 21:30:00 CEST. All sessions were down/no traffic was visible anymore as of 2025-10-30 21:36:40 CEST. The cause of this was not of any other nature.
Game Shield customers were only shortly affected and only Bedrock Ports are currently affected and will be restored ASAP over alternative infrastructure. On Premise customers are unaffected.
Game Shield Java connections are currently resolved. We have purchased capacity for additional 20k concurrent players elsewhere to handle the peak load expected. Customers with dedicated bedrock ports may contact us, including "Bedrock port" in their request, preferably ticket title to be worked on in a fast manner so Bedrock connections are turned up again.
We understand the severity and impact this has on our customers and their business. We deeply regret this action being done and will ensure to share updates as available and will follow up with more details and background tomorrow.
Posted Oct 30, 2025 - 21:26 UTC
Update
There is a major outage ongoing of our entire network, Game Shield is being re-routed to alternative infrastructure. We will provide updates as available. There is no ETR at this time.
Posted Oct 30, 2025 - 20:41 UTC
Update
The following shall aid to provide a sufficient overview of the current situation and the work done by NeoProtect.
Our network, that being multiple customers at the same time, was within the target scope of a major scale DDoS attack connected to the Aisuru botnet. We faced a total of 5 different attack vectors, each seen in different scale over time and reaching up to many Terabits per Second. While the actual total peak size is not known, we estimate it to be at around 10-20 Tbit/s peak for one of those vectors. Certain vectors unfortunately impacted several customers in varying locations, in multiple ways, resulting in frequent degraded service quality for ~60 seconds each.
This attack landscape is challenging for almost all networks targeted by this, as well due to the sole origin of malicious traffic being primarily from residential sources all around the world, with the U.S. being the most prominent source of origin.
When was impact noticed?
The primary impact started at 2025-10-24 21:52:40 CEST and issues occurred frequently until 2025-10-24 23:52:50 CEST. A second primary impact was noticed at 2025-10-25 20:58:42 CEST with no frequent recurrance seen. Isolated customer impact was bespoken with those impacted and minimized wherever possible and sufficient information given.
We are working hard to address and minimize impact globally and have achieved success in doing so with the majority of vectors, with however one vector stil challenging parts of our infrastructure. Main pain points are certain path's congesting during said attacks while overall capacity is handled in a proper manner. We are in close communication with CDN77 engineers to optimize this and are working to gain further insights resulting in accurracy while pinpointing impact paths.
Along with that, we have also made further progress on offloading implementations of ddos mitigation algorithms to ASICs, the way, speed and accurracy of safeguard systems acting as well as traffic steering and congestion control globally. We are also in talks with multiple potential upstream providers as well with different lead times in terms of implementation to evaluate standing as we are.
Our main goal at NeoProtect was and has always been to provide technological excellence, optimal approaches to problems and a generally better and easier protection outcome for each and every user. The issues here however do not relate to technological capabilities of our software and/or hardware implementations, but solely the scale of operation.
We apologize for the impact these incidents caused and appreciate your understanding that we are working hard towards resolvement. Our customer support and engineering appreciates impact details if any are or were noticed and specifically in regards to geographical scope, destination IP impacted and similar useful information. Thank you in advance for your cooperation in aiding to resolve this matter quicker.
Posted Oct 26, 2025 - 02:04 UTC
Investigating
We are investigating this issue since 2025-10-24 21:52:40 CEST. We will provide updates here as we have more information to share.
The issue occurs frequently for ~60 seconds each. Our team is working hard to find alternate solutions to address this asap and wants to thank you for your understanding and patience in the meantime.
Posted Oct 24, 2025 - 21:16 UTC
This incident affects: Services / Products (Game Shield Service, Remote Shield Service (new tunnel system), Remote Shield Service (old tunnel system)).