I wonder why they're thinking about moving to EU as their compatriot seems to be having the same issue and moving to Europe wouldn't fix it. It was mentioned in their public notice.

Their plan to move to the EU via their AMS site is not related to the attacks, but seems to be a general plan they have had for a while. At least this is how I understand their notice.

They were planning to moving to EU for the last 6-8 months. They were making it gracefully.

This attack expedited it greatly.

The EU move wouldn't exactly help, if the attack is specifically directed at Sourcehut. That is unless the ISP and hosting provider in AMS is offering some form of protection as part of their offering. I can't see why the attack wouldn't just follow the services.

I assumed that the addresses for the EU server are not publicly available, so if they get some sort of DDOS protection before bringing them up, then the attackers will not know where to target their attack.

This is certainly possible, but it seems they are anticipating this as well.

> One of our main concerns right now is finding a way of getting back online on a new network without the DDoS immediately following us there, and we have reason to believe that it will.

That doesn't make sense though, as all the DDOS people have to do is aim their bot army at the new site. Probably just a single parameter in their attack scripts. I mean I'm an idiot and I can launch a DDoS on someone, I just don't have the $$ or compromised army of iot devices to aim at accomplishing that, nor really the will to do others harm. Whether you're in Europe or NA doesn't matter.

If their plan is to get online via the second location, it's likely that said location has a much beefier upstream or built-in filtering, allowing them to absorb these amounts of traffic without being null-routed.

More likely, though, they're restoring the service to a fresh IP range and put the servers behind some kind of DDOS-protection or, alternatively, they simply choose to do the switch now as they need to do a full restore anyway and it's not related to the DDOS mitigation.

You're right, but they were already planning it, so why not?

Maybe they have another plans under that, a better server or set of servers, some hand-rolled mitigations, etc. I have no idea. I'm a user as everybody else.