Massive DDoS attacks on Dyn DNS cause outages at Twitter, Spotify, SoundCloud and other sites
Several waves of major cyberattacks against an internet directory service knocked dozens of popular websites offline yesterday, with outages continuing into the morning GMT +8 (Manila time).
Twitter, SoundCloud, Spotify, Shopify, and other websites have been inaccessible to many users throughout the day. The outages are the result of several distributed denial of service (DDoS) attacks on the DNS provider Dyn, the company confirmed. The outages were first reported on Hacker News.
“We are actively in the third flank of this attack,” Dyn’s chief strategy officer Kyle York told reporters around 4:30 p.m. ET today. “It’s a very smart attack. As we mitigate, they react.”
Dyn’s general counsel Dave Allen added that, with the help of other infrastructure companies Akamai and Flashpoint, Dyn has determined that some of the traffic used in the attacks comes from the Mirai botnet, a network of infected Internet of Things devices used in other recent large-scale DDoS attacks.
(print screen from digitalattackmap.com)
Dyn and other DNS providers operate as a link between the URLs you type into your browser and the corresponding IP addresses. DDoS attacks are frequently used to censor specific websites by overwhelming them with junk traffic and knocking them offline. However, by attacking Dyn, it’s possible to overwhelm that directory function and cause outages and loading problems across a large swath of the internet.
(print screen from cybermap.kaspersky.com) hmm notice all attacks originate from China?)
Other sites experiencing issues include Box, Boston Globe, New York Times, Github, Airbnb, Reddit, Freshbooks, Heroku and Vox Media properties. Users in Europe and Asia (Symbianize) may experience fewer problems than those in the U.S. — according to DownDectector’s outage map, the DDoS attacks against Dyn are primarily impacting U.S. users.
(print screen from norsecorp)
The DDoS attacks on Dyn began yesterday morning. Service was temporarily restored around 9:30 a.m. ET, but a second attack began around noon, knocking sites offline once again.The DNS provider said engineers were working on “mitigating” the issue, but a third wave began around 4:30 p.m. ET before being resolved roughly two hours later.
At the moment, Dyn DNS is still dealing with the attack and its cause remains unknown.
Update: This incident has been resolved. Posted about 7 hours ago. Oct 21, 2016 - 22:17 UTC
The nation-wide internet outage was enabled thanks to a Mirai botnet that hacked into connected home devices, according to security intelligence company Flashpoint.
Mirai is not a new hacking tool. A massive Mirai attack took down the site of popular security researcher Brian Krebs in late September, peaking at a nearly unprecedented 620 Gbps.
Mirai takes advantage of weak security protocols on IoT devices -- in the Krebs case, 145,000 devices were infiltrated, including security cameras and DVRs in homes and offices around the world.
The author of the Mirai malware made its code open-source, and security experts have been warning of a possible large-scale attack since this information came to light.
Watch Live Worldwide Cyber attack on your PC click here
Here’s a list of websites that readers have told us they are having trouble accessing:
ActBlue
Basecamp
Big cartel
Box
Business Insider
CNN
Cleveland.com
Etsy
Github
Grubhub
Guardian.co.uk
HBO Now
Iheart.com (iHeartRadio)
Imgur
Intercom
Intercom.com
Okta
PayPal
People.com
Pinterest
Playstation Network
Recode
Reddit
Seamless
Spotify
Squarespace Customer Sites
Starbucks rewards/gift cards
Storify.com
The Verge
Twillo
Twitter
Urbandictionary.com (lol)
Weebly
Wired.com
Wix Customer Sites
Yammer
Yelp
Zendesk.com
Zoho CRM
Credit Karma
Eventbrite
Netflix
NHL.com
Fox News
Disqus
Shopify
Soundcloud
Atom.io
Ancersty.com
ConstantContact
Indeed.com
New York Times
Weather.com
WSJ.com
time.com
xbox.com
dailynews.com
Wikia
donorschoose.org
Wufoo.com
Genonebiology.com
BBC
Elder Scrolls Online
Eve Online
PagerDuty
Kayak
youneedabudget.com
Speed Test
Freshbooks
Braintree
Blue Host
Qualtrics
SBNation
Salsify.com
Zillow.com
nimbleschedule.com
Vox.com
Livestream.com
IndieGoGo
Fortune
CNBC.com
FT.com
Survey Monkey
Paragon Game
Runescape
If you’re experiencing connection problems, you can try changing your DNS settings (instructions for how to do this on Mac and Windows are here). Anecdotally, our staff has used OpenDNS (208.67.222.222 and 208.67.220.220) and OpenNIC servers and seen connectivity improve.
Source: https://www.dynstatus.com/incidents/nlr4yrr162t8
Twitter, SoundCloud, Spotify, Shopify, and other websites have been inaccessible to many users throughout the day. The outages are the result of several distributed denial of service (DDoS) attacks on the DNS provider Dyn, the company confirmed. The outages were first reported on Hacker News.
“We are actively in the third flank of this attack,” Dyn’s chief strategy officer Kyle York told reporters around 4:30 p.m. ET today. “It’s a very smart attack. As we mitigate, they react.”
Dyn’s general counsel Dave Allen added that, with the help of other infrastructure companies Akamai and Flashpoint, Dyn has determined that some of the traffic used in the attacks comes from the Mirai botnet, a network of infected Internet of Things devices used in other recent large-scale DDoS attacks.
Dyn and other DNS providers operate as a link between the URLs you type into your browser and the corresponding IP addresses. DDoS attacks are frequently used to censor specific websites by overwhelming them with junk traffic and knocking them offline. However, by attacking Dyn, it’s possible to overwhelm that directory function and cause outages and loading problems across a large swath of the internet.
Other sites experiencing issues include Box, Boston Globe, New York Times, Github, Airbnb, Reddit, Freshbooks, Heroku and Vox Media properties. Users in Europe and Asia (Symbianize) may experience fewer problems than those in the U.S. — according to DownDectector’s outage map, the DDoS attacks against Dyn are primarily impacting U.S. users.
The DDoS attacks on Dyn began yesterday morning. Service was temporarily restored around 9:30 a.m. ET, but a second attack began around noon, knocking sites offline once again.The DNS provider said engineers were working on “mitigating” the issue, but a third wave began around 4:30 p.m. ET before being resolved roughly two hours later.
At the moment, Dyn DNS is still dealing with the attack and its cause remains unknown.
Update: This incident has been resolved. Posted about 7 hours ago. Oct 21, 2016 - 22:17 UTC
The nation-wide internet outage was enabled thanks to a Mirai botnet that hacked into connected home devices, according to security intelligence company Flashpoint.
Mirai is not a new hacking tool. A massive Mirai attack took down the site of popular security researcher Brian Krebs in late September, peaking at a nearly unprecedented 620 Gbps.
Mirai takes advantage of weak security protocols on IoT devices -- in the Krebs case, 145,000 devices were infiltrated, including security cameras and DVRs in homes and offices around the world.
The author of the Mirai malware made its code open-source, and security experts have been warning of a possible large-scale attack since this information came to light.
Watch Live Worldwide Cyber attack on your PC click here
Here’s a list of websites that readers have told us they are having trouble accessing:
ActBlue
Basecamp
Big cartel
Box
Business Insider
CNN
Cleveland.com
Etsy
Github
Grubhub
Guardian.co.uk
HBO Now
Iheart.com (iHeartRadio)
Imgur
Intercom
Intercom.com
Okta
PayPal
People.com
Playstation Network
Recode
Seamless
Spotify
Squarespace Customer Sites
Starbucks rewards/gift cards
Storify.com
The Verge
Twillo
Urbandictionary.com (lol)
Weebly
Wired.com
Wix Customer Sites
Yammer
Yelp
Zendesk.com
Zoho CRM
Credit Karma
Eventbrite
Netflix
NHL.com
Fox News
Disqus
Shopify
Soundcloud
Atom.io
Ancersty.com
ConstantContact
Indeed.com
New York Times
Weather.com
WSJ.com
time.com
xbox.com
dailynews.com
Wikia
donorschoose.org
Wufoo.com
Genonebiology.com
BBC
Elder Scrolls Online
Eve Online
PagerDuty
Kayak
youneedabudget.com
Speed Test
Freshbooks
Braintree
Blue Host
Qualtrics
SBNation
Salsify.com
Zillow.com
nimbleschedule.com
Vox.com
Livestream.com
IndieGoGo
Fortune
CNBC.com
FT.com
Survey Monkey
Paragon Game
Runescape
If you’re experiencing connection problems, you can try changing your DNS settings (instructions for how to do this on Mac and Windows are here). Anecdotally, our staff has used OpenDNS (208.67.222.222 and 208.67.220.220) and OpenNIC servers and seen connectivity improve.
Source: https://www.dynstatus.com/incidents/nlr4yrr162t8
No comments
Post a Comment