Yes, it came from an SA country, that’s why certain players could not log. IMC is IP blocking the source of the DDoS, but it seems to get worse.
I highly discourage this kind of activity because it will trigger a domino effect that will cost the game severely. Anyone who played Ragnarok since the Alpha knows what I’m talking about, and if those DDoSers don’t stop, history will repeat itself, although this time I’m not sure IMC will be bailed out the way Gravity was. It’s already bad enough someone is trying to decode the game files and emulate the game to provide data to build ToS private servers. What more if everything was leaked, like the game engine?