A new trend in launching DDoS attacks is growing more and more dangerous. The method was responsible for GitHub being hit with the largest DDoS in history (1.35 Tbps), and just a few days later the record was broken by a new massive 1.7 Tbps attack.
And now two entirely distinct utilities for launching this type of attack have been published online, and they are available to everyone. The published code of these two proofs of concept is used to execute DDoS attacks with massive traffic.
This massive amount of traffic comes from thousands of vulnerable memcached servers, which can amplify the magnitude of DDoS attacks by a factor of more than 50,000, even when the attacker is low on bandwidth.
Thousands of exposed servers powering DDoS attacks while their owners do nothing
Memcached servers are distributed cache systems used to optimize websites that depend on external databases, including sites as well known and widely used as YouTube or Facebook. The problem is that thousands of these servers have no security protections and are exposed. This allows attackers to use their IPs to amplify DDoS attacks.
The two utilities published online not only allow launching a DDoS against the desired target in just a few seconds after executing the tool, but also come with a list of over 17,000 vulnerable memcached server IP addresses.
For security experts the publication of these tools is not a surprise, and we had already explained why these types of attacks could be repeated. The reality is that the only way to solve this problem is for the owners of the memcached servers to do something to protect them.
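For owners who want to check their own servers, the following added example (not code from the article or from the memcached project) audits a memcached option file for the two settings that leave a server usable as an amplifier: a UDP listener and a listen address reachable beyond loopback. The `-l`/`--listen` and `-U`/`--udp-port` options are memcached's own; the sample files, function names and the choice of checks are assumptions made here.

```python
import ipaddress
import shlex

# Constructed samples in the one-option-per-line style of /etc/memcached.conf.
SAMPLE_EXPOSED = "# constructed sample\n-d\n-m 64\n-p 11211\n-u memcache\n-l 0.0.0.0\n"
SAMPLE_HARDENED = "-d\n-m 64\n-p 11211\n-u memcache\n-l 127.0.0.1,::1\n-U 0\n"
FLAGS = (("-l", "--listen", "listen"), ("-U", "--udp-port", "udp_port"))

def parse_options(conf_text):
    """Extract listen addresses and UDP port; None means the option is absent."""
    tokens = []
    for line in conf_text.splitlines():
        tokens += shlex.split(line, comments=True)  # drops '#' comments
    opts = {"listen": None, "udp_port": None}
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        for short, long_, key in FLAGS:
            if tok.startswith(long_ + "="):                      # --udp-port=0
                value = tok.split("=", 1)[1]
            elif tok in (short, long_) and i + 1 < len(tokens):  # -U 0
                i += 1
                value = tokens[i]
            elif tok.startswith(short) and len(tok) > 2:         # -U0
                value = tok[2:]
            else:
                continue
            opts[key] = value.split(",") if key == "listen" else int(value)
            break
        i += 1
    return opts

def is_loopback(addr):
    if addr == "localhost":
        return True
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # other hostnames / host:port forms: treat as exposed, review by hand

def audit(conf_text):
    """Return a list of findings; an empty list means neither exposure was found."""
    opts = parse_options(conf_text)
    findings = []
    if opts["udp_port"] != 0:  # absent counts too: the default depends on the version
        findings.append("UDP listener not explicitly disabled (set -U 0)")
    if opts["listen"] is None or not all(is_loopback(a) for a in opts["listen"]):
        findings.append("reachable beyond loopback (restrict -l or firewall the port)")
    return findings
```

A non-loopback listen address is reported even when it is a private one, so a finding there means confirming that a firewall limits who can reach the port.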
Other experts believe that as early as next week we will be looking at “DDoS attacks as a service” being offered by cybercriminals, thanks to the furor over the method. This appears to be just the beginning of this new security nightmare.
Via | Bleeping Computer
In Genbeta | What is a DDoS attack and how to stop it?