Back

Tempo News Website Hit by 24.9 Million DDoS Attack

Severity: High (Score: 68.0)

Sources: Scworld, Thecyberexpress

Published: 2026-06-09 · Updated: 2026-06-10

Keywords: tempo, news, ddos, website, cyberattack, indonesian, media

Severity indicators: rat, cyberattack

Summary

Tempo, a leading Indonesian news outlet, faced a massive DDoS attack starting June 5, 2026, which generated 24.9 million malicious requests aimed at overwhelming its servers. The attack, characterized by bot-generated traffic, significantly disrupted access to the website for readers in Indonesia and beyond. Tempo's technology team noted that the assaults intensified during evening hours, with a peak of 12.97 million requests recorded between 8:30 p.m. and midnight. Preliminary investigations traced the attack traffic to multiple countries, including Colombia, the United States, the Philippines, Bangladesh, Mexico, and Indonesia. The exact identities of the attackers remain unknown, but the international nature of the traffic suggests a complex operation. The attacks have raised concerns about the security of media outlets in the digital age. Key Points: • Tempo experienced 24.9 million DDoS requests from June 5 to June 8, 2026. • The attack peaked with 12.97 million requests in a two-hour window. • Malicious traffic originated from multiple countries, indicating a global attack strategy.

Detailed Analysis

**Impact** The Indonesian media outlet Tempo was targeted by a DDoS attack generating 24.9 million malicious requests between June 5 and June 8, 2026, disrupting access to its news website domestically and internationally. The attack caused intermittent service interruptions, particularly during evening hours, affecting readers primarily in Indonesia but also globally due to the website's reach. The incident followed a prior CMS breach attempt in late May 2026 that temporarily unpublished corruption-related articles, indicating potential targeting of sensitive content. No data exfiltration or permanent content loss was reported. **Technical Details** The attack employed a distributed denial-of-service (DDoS) vector using bot-generated traffic from a globally distributed network of compromised devices. The largest wave involved 12.97 million requests within two hours (8:30 p.m. to midnight). Malicious traffic was traced to multiple countries, including Colombia, the United States, the Philippines, Bangladesh, Mexico, and Indonesia. No specific malware, CVEs, or tools were identified in the reports. The attack corresponds to the delivery and impact stages of the kill chain, focusing on service disruption. **Recommended Response** Defenders should monitor network traffic for anomalous spikes in request volume, especially during evening hours, and implement rate limiting and traffic filtering to mitigate bot-generated DDoS traffic. Blocking or throttling traffic from identified source countries may reduce attack impact but should be balanced against legitimate user access. Harden CMS access controls and audit recent changes to detect unauthorized modifications. No specific patches or IOCs were provided; ongoing monitoring of infrastructure and incident response readiness is advised.

Source articles (2)

  • Indonesian Media Outlet Tempo Targeted by 24.9 Million DDoS Requests — Thecyberexpress · 2026-06-09
    A major wave of cyberattacks on Tempo has disrupted access to one of Indonesia's leading news websites, with the media outlet reporting millions of malicious requests directed at its servers over seve…
  • Tempo news website hit by massive DDoS cyberattack | brief — Scworld · 2026-06-09
    The Cyber Express reports that the Indonesian news website Tempo experienced a significant distributed denial-of-service (DDoS) cyberattack, disrupting access for its readers. The assault, which began…

Timeline

  • 2026-06-05 — DDoS attack on Tempo begins: Tempo's website faced a massive influx of malicious requests, disrupting access for users.
  • 2026-06-08 — Total requests logged at 24.9 million: Tempo's monitoring systems recorded a staggering 24.9 million attack requests aimed at its servers.
  • 2026-06-08 — Peak attack wave identified: A significant wave of 12.97 million requests occurred between 8:30 p.m. and midnight.
  • 2026-06-09 — International traffic sources traced: Preliminary analysis indicated that attack traffic originated from countries including Colombia and the U.S.

Related entities

  • DDoS (Attack Type)
  • Tempo (Platform)
  • Bangladesh (Country)
  • Colombia (Country)
  • Indonesia (Country)
  • Mexico (Country)
  • Philippines (Country)
  • United States (Country)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed