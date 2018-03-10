Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Massive DDOS Attacks Are Now Targeting Google, Amazon, and the NRA (pcmag.com) 23

Posted by EditorDavid from the distributing-denial-of-service-attacks dept.
PC Magazine reports: A new way to amplify DDoS attacks has been spotted harassing Google, Amazon, Pornhub and even the National Rifle Association's main website after striking Github last week. The attacks, which exploit vulnerable "memcached servers," have been trying to hose down scores of new targets with a flood of internet traffic, according to Chinese security firm Qihoo 360... Github was the first high-profile victim and suffered a 1.35 Tbps assault -- or what was then the biggest DDoS attack on record. But days later, an unnamed U.S. service provider fended off a separate assault, which measured at 1.7 Tbps. Unfortunately, the amplified DDoS attacks haven't stopped. They've gone on to strike over 7,000 unique IP addresses in the last seven days, Qihoo 360 said in a blog post... Gaming sites including Rockstargames.com, Minecraft.net, and Playstation.net have been among those hit...

The security community is also steadily addressing the linchpin to all the assaults: the vulnerable memcached servers. About 100,000 of these online storage systems were publicly exposed over a week ago. But the server owners have since patched or firewalled about 60,000 of them, Radware security researcher Daniel Smith said. That leaves 40,000 servers open to exploitation. Smith points to how the coding behind the attack technique has started to circulate online through free tools and scripts.
Meanwhile, Slashdot reader darthcamaro shares an article about "the so-call 'kill switch'" that some vendors have been debating: "The 'kill switch' was immediately obvious to everyone who worked on mitigating this DDoS attack," John Graham-Cumming, CTO of CloudFlare said. "We chose not to use or test this method because it would be unethical and likely illegal since it alters the state of a remote machine without authorization."

  • NRA (Score:1)

    by nogo66 ( 904644 )
    Why would anyone target The NRA? Seems really suspicious.

    • Well that's because the NRA is OBVIOUSLY responsible for EVERY SINGLE shooting that happens. Just like every Cloud Flair is responsible for every act of piracy that happens, Ford is responsible for every car crash, pharmaceutical manufacturers are responsible for every single OD, every single Mullah is responsible for every act of Islamist terror, and every single white male is reasonable for pretty much everything.

      It's the [Current Year] and no one has any time for reasonable discussion. Just ban everyth

    • Why would anyone target The NRA? Seems really suspicious.

      It stokes up conflict among the pro-Second Amendment camps and ant-Second Amendment camps internally in the USA, and generally weakens democracy there. The right will blame it on the left, and they will all get into a massive huff over it.

      International shits & giggles.

      Why would anyone target Amazon, Google or Pornhub . . . ?

      Why not, if someone else is footing the bill to disrupt the Internet.

      Now who could that someone be . . . ?

    • Re: (Score:2)

      by BeerCat ( 685972 )

      Why would anyone target The NRA? Seems really suspicious.

      Maybe because they oppose net neutrality?
      https://www.reuters.com/articl... [reuters.com]

  • Or just malware being served as ads?

    I'm thinking google, amazon and pornhub have measures in place to prevent massive DDOSattacks.

    The NRA? probably not.

  • Google, Amazon, and the NRA (Score:3, Insightful)

    by Patent Lover ( 779809 ) on Saturday March 10, 2018 @01:50PM (#56239763)

    The three pillars of society.

    • I really think you're overvaluing Google and Amazon. Plus the NRA has been kind of cucked for years, but at least they provide an easy target for idiotic leftist that don't realize other well funded gun rights groups with teams of lawyers do the real legwork of fighting for gun rights in the courts in the courts.

  • You then deserve what you get.

    "Meanwhile, Slashdot reader darthcamaro shares an article about "the so-call 'kill switch'" that some vendors have been debating:
    "The 'kill switch' was immediately obvious to everyone who worked on mitigating this DDoS attack," John Graham-Cumming, CTO of CloudFlare said. "We chose not to use or test this method because it would be unethical and likely illegal since it alters the state of a remote machine without authorization.""

    Unethical my ass. Turn those suckers off.

  • We need more Security by Design (Score:3)

    by Aethedor ( 973725 ) on Saturday March 10, 2018 @01:55PM (#56239785) Homepage
    We need more software that are secure by design. There is no reason to have a tool like memcached available for the entire internet. The memcached developers should have made it listen to localhost only by default. The setting to make it listen to other interfaces should be well explained in the manual, with all the risks and are-you-sure-you-want-this warnings.
  • unsecured Memcached servers could store data - par2'd data chunks, for example, similar to a newsgroup - along with indices / torrent tracker data / etc. And since they will store keys from spoofed UDP packets, there is no good way to figure out who put the data there.

    Just saying. Better than ddoses :(
  • Computers and the internet are obviously responsible for this DDOS attack. The people behind it might as well not be there! And these filthy organizations like yahoo and google who represent computers and the internet can go die in a fire! Who cares that the vast overwhelming majority of internet use is great, and it acts to curb government excess. I for one canâ(TM)t wait to put all of my trust in a dishonest, kill happy government run by corporate interests for all of my information in the future

  • That's great they managed to patch 60k out of 100k vulnerable systems...

    But as the rest of the systems continue to degrade the internet - at some point don't you have to say, for the public good these servers have to be shut down externally?

    It's fine and dandy to say it's not justified to disable someone else's system that is unknowingly taking part in an attack. But that ignores that all companies and people that put systems on the internet have a responsibility to monitor and keep them up to date, and if

