Powerful Latest DDoS Methods Adds Extortion AMount

Attackers have seized on a relatively new method for executing distributed denial-of-service (DDoS) attacks of unprecedented disruptive power, using it to launch record-breaking DDoS assaults over the past week. Now evidence suggests this novel attack method is fueling digital shakedowns in which victims are asked to pay a ransom to call off crippling cyberattacks.

 

On March 1, DDoS mitigation firm Akamai revealed that one of its clients was hit with a DDoS attack that clocked in at 1.3 Tbps, which would make it the largest publicly recorded DDoS attack ever.

The type of DDoS method used in this record-breaking attack abuses a legitimate and relatively common service called “memcached” (pronounced “mem-cash-dee”) to massively amp up the power of their DDoS attacks.

Installed by default on many Linux operating system versions, memcached is designed to cache data and ease the strain on heavier data stores, like disk or databases. It is typically found in cloud server environments and it is meant to be used on systems that are not directly exposed to the Internet.

Memcached communicates using the User Datagram Protocol or UDP, which allows communications without any authentication — pretty much anyone or anything can talk to it and request data from it.

Because memcached doesn’t support authentication, an attacker can “spoof” or fake the Internet address of the machine making that request so that the memcached servers responding to the request all respond to the spoofed address — the intended target of the DDoS attack.

Worse yet, memcached has a unique ability to take a small amount of attack traffic and amplify it into a much bigger threat. Most popular DDoS tactics that abuse UDP connections can amplify the attack traffic 10 or 20 times — allowing, for example a 1 mb file request to generate a response that includes between 10mb and 20mb of traffic.

But with memcached, an attacker can force the response to be thousands of times the size of the request. All of the responses get sent to the target specified in the spoofed request, and it requires only a small number of open memcached servers to create huge attacks using very few resources.

Akamai believes there are currently more than 50,000 known memcached systems exposed to the Internet that can be leveraged at a moment’s notice to aid in massive DDoS attacks.

 

 

3 Replies to “Powerful Latest DDoS Methods Adds Extortion AMount”

  1. Yⲟu cаn pⅼay it anytime you want.? Daddy answered.
    ?As a rsult of talking about hhow nice God is makеs him ρleased and іts worship.
    Play it earlier than you go to sleep tⲟniɡht and once yⲟu get up within the
    morning and God ѡill probably be near you all day
    long.

  2. Many people simply opt for the machine which is already set up in the apartment
    or home. Plus, this will likely make certain you are going for one which will keep the
    bathroom clean with no conditions that a bad washer could cause.

    Use of boiling water for cleaning highly stained dishes with stubborn dirt is yet another feature adopted
    in modern dishwashers.

Leave a Reply

Your email address will not be published. Required fields are marked *