New DDoS Record Set at 1.3 Tbps Thanks to Memcached Servers

Faybert

Level 24
Thread author
Verified
Top Poster
Well-known
Jan 8, 2017
1,318
Crooks can abuse Memcache servers to launch insanely massive DDoS attacks using very few computational resources on their end.

These type of DDoS attacks are possible because of the unsecured way Memcache developers have implemented support for the UDP protocol in their product.

Furthermore, to make matters worse, Memcache servers also expose their UDP port to external connections in the default configuration, meaning any Memcache server not behind a firewall can be abused for DDoS attacks right now.
........................
.......................
.......................
 

Faybert

Level 24
Thread author
Verified
Top Poster
Well-known
Jan 8, 2017
1,318
We have a new record for the largest DDoS attack ever detected. The new high mark is 1.3 Tbps (Terabits-per-second).

The attack took place yesterday, targeted a software development company, and was detected and mitigated by Akamai.

Attackers executed the attack using a vulnerability in Memcached servers that was made public two days ago.
............................
............................
 

Faybert

Level 24
Thread author
Verified
Top Poster
Well-known
Jan 8, 2017
1,318
Last week saw the largest distributed denial-of-service (DDoS) attack in history.

GitHub was hit by a record-breaking attack which peaked at some 1.35 terabits per second (outstripping the notorious DDoS attack on Dyn, which knocked the likes of Twitter, Spotify, Reddit, and umm.. yeah, GitHub, offline back in October 2016.)

A short while later a second attack wave against GitHub peaked at a mildly more bearable 400 Gbps.
.......................
.......................
.......................
.......................
 

Mahesh Sudula

Level 17
Verified
Top Poster
Well-known
Sep 3, 2017
818
CLEANMX is another to hit by the same..despite of its counter measures still the attack has been continuing ..
--> Random metric dns ddos amplification attacks against our infrastructure consuming >200 Gbit/s of bandwidth in our backbone.
The attack was so severe they closed their mailing list...and sorted layer7dos and suspicious ip ranges
 
D

Deleted member 65228

CLEANMX is another to hit by the same..despite of its counter measures still the attack has been continuing ..
It's because they share malicious software and malware authors don't want their malicious software to be exposed to researchers so it can be used for research purposes and reverse-engineering by security software vendors/analyst labs.

There's not much that can be done about it except apply safe and good security practices to help prevent successful DDoS attacks (and mitigate them as best as possible whilst you're under-attack). Taking legal action as much as possible is a good step towards fighting back because such criminal activity is violation of the Computer Misuse Act and many countries are making tougher punishments for such behavior to set an example to other cyber-criminals nowadays.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top