- Dec 30, 2012
Cloud-based security service provider Incapsula detected a unique application-layer DDoS attack carried out using traffic-hijacking techniques. The DDoS attack flooded one of their clients with over 20 million GET requests, originating from the browsers of over 22,000 Internet users.
What makes this case especially interesting is that the attack was enabled by a persistent XSS vulnerability in one of the world's largest and most popular sites, one of the domains on Alexa's "Top 50" list.
XSS vulnerability to Large-Scale DDoS Attack
Incapsula has not disclosed the name of the vulnerable website for security reasons, but described it as a high-profile video content provider that allows its users to sign up and sign in with their own profiles.
The DDoS attack was enabled by a persistent XSS (cross-site scripting) vulnerability that allowed the attacker to inject malicious JavaScript code into the tag associated with the profile image.
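As an added illustration of the injection point described above (example code, not Incapsula's or the affected site's), the snippet below shows a profile-image URL interpolated into an `<img>` tag unsafely, beside a version that validates the URL and escapes it before rendering. Function names and the fallback image path are assumptions.

```javascript
// Added example: rendering a stored, user-supplied profile image URL.
// Names (renderProfileImage, escapeAttr, validateImageUrl) are hypothetical.

// Unsafe: raw interpolation lets a stored profile value terminate the src
// attribute and add markup or script to every page that displays the profile.
function renderProfileImageUnsafe(src) {
  return `<img src="${src}" alt="profile">`;
}

// Escape the characters that can alter an HTML attribute value.
function escapeAttr(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;");
}

// Accept only absolute http(s) URLs; reject other schemes and malformed input.
// Returns the normalised URL, or null when the value must not be rendered.
function validateImageUrl(value) {
  let url;
  try {
    url = new URL(String(value));
  } catch {
    return null;
  }
  if (url.protocol !== "http:" && url.protocol !== "https:") return null;
  return url.href;
}

// Hardened: validate first, then escape; fall back to a fixed default image
// (constructed path) so an invalid stored value never reaches the markup.
function renderProfileImage(src, fallback = "/static/default-avatar.png") {
  const safe = validateImageUrl(src);
  return `<img src="${escapeAttr(safe ?? fallback)}" alt="profile">`;
}
```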