New Post has been published on Tech & Cyber Security
New Post has been published on https://www.securityinet.com/massive-ddos-attack-dyn-dns-service-popular-sites-offline/
Massive DDoS Attack Against Dyn DNS Service Popular Sites Offline
Massive DDoS Attack Against Dyn DNS Service Popular Sites Offline
Twitter, Reddit, Spotify, Etsy, Box, Wix Customer Sites Squarespace Customer Sites and bunch of other websites were offline earlier today. That’s because someone conducted a massive distributed denial of service (DDoS) attack on the Dyn, a world renowned Domain Name Servers (DNS) service provider.
Not all users were affected equally, however, and sites appear to have been intermittently accessible. To see a full list of sites that have reportedly been affected, click here.
Cyber attacks are getting evil and worst nightmare for companies day-by-day, and the Distributed Denial of Service (DDoS) attack is one such attacks that cause a massive damage to any service.
It was not immediately clear who was responsible and Gillian Christensen of the U.S. Department of Homeland Security said the agency was ‘investigating all potential causes.’
Outages overview
10/21/2016
Wikia
Problems at Wikia
10/21/2016
Uplay
Problems at Uplay
10/21/2016
Battle.net
Problems at Battle.net
10/21/2016
T-Mobile
Problems at T-Mobile
10/21/2016
Cox
Problems at Cox
10/21/2016
Photobucket
Problems at Photobucket
10/21/2016
Quora
Problems at Quora
10/21/2016
Salesforce.com
Problems at Salesforce.com
10/21/2016
Office 365
Problems at Office 365
10/21/2016
Cloudflare
Problems at Cloudflare
10/21/2016
Steam
Problems at Steam
10/21/2016
Go Daddy
Problems at Go Daddy
10/21/2016
Hulu
Problems at Hulu
10/21/2016
Cable One
Problems at Cable One
10/21/2016
The Division
Problems at The Division
10/21/2016
Fatcow
Problems at Fatcow
10/21/2016
WOW
Problems at WOW
10/21/2016
PNC
Problems at PNC
10/21/2016
Disqus
Problems at Disqus
10/21/2016
Suddenlink
Problems at Suddenlink
10/21/2016
Kayak
Problems at Kayak
10/21/2016
Bright House Networks
Problems at Bright House Networks
10/21/2016
Zillow
Problems at Zillow
10/21/2016
WeTransfer
Problems at WeTransfer
10/21/2016
Hostgator
Problems at Hostgator
10/21/2016
HBO Go
Problems at HBO Go
10/21/2016
Verizon
Problems at Verizon
10/21/2016
Heroku
Problems at Heroku
10/21/2016
Star Wars Battlefront
Problems at Star Wars Battlefront
10/21/2016
Overwatch
Problems at Overwatch
10/21/2016
eBay
Problems at eBay
10/21/2016
Rocket League
Problems at Rocket League
10/21/2016
CenturyLink
Problems at CenturyLink
10/21/2016
GTA 5
Problems at GTA 5
10/21/2016
Call of Duty
Problems at Call of Duty
10/21/2016
Youtube
Problems at Youtube
10/21/2016
Origin
Problems at Origin
10/21/2016
Crunchyroll
Problems at Crunchyroll
10/21/2016
Problems at Reddit
10/21/2016
Comcast
Problems at Comcast
10/21/2016
Frontier
Problems at Frontier
10/21/2016
Mediacom
Problems at Mediacom
10/21/2016
Jive
Problems at Jive
10/21/2016
Rainbow Six
Problems at Rainbow Six
10/21/2016
Xbox Live
Problems at Xbox Live
10/21/2016
AT&T
Problems at AT&T
10/21/2016
2k
Problems at 2k
10/21/2016
Gmail
Problems at Gmail
10/21/2016
Problems at Whatsapp
10/21/2016
RCN
Problems at RCN
All of these sites and services are reportedly experiencing outages and downtime, either completely or partially.
One more list of affected websites :
MySpace.com Box.com Twitter.com Schoology and Apex Npmjs.com (Node Package Manager (major javascript package manager) Roblox.com Github.com Spotify.com Shopify.com Freshbooks.com Netflix.com (slow loading time) The Boston Globe The New York Times PayPal Theverge.com Pinterest.com Constantcontact.com Playstation Network (PSN) Revcontent.com Fox News Elder Scrolls Online Starbucks rewards/gift cards Braintree Zoho CRM xbox.com Indeed.com ActBlue Grubhub Kayak Basecamp Yammer Ancersty.com Mashable Intercom.com Disqus Eventbrite Wufoo.com Iheart.com (iHeartRadio) Business Insider Imgur NHL.com Cleveland.com Credit Karma Squarespace Customer Sites Atom.io Wikia Weebly nimbleschedule.com Okta Big cartel Zendesk.com Blue Host dailynews.com Twillo Intercom donorschoose.org Eve Online Weather.com PagerDuty Recode Wix Customer Sites Speed Test Salsify.com Yelp People.com Wired.com Genonebiology.com Guardian.co.uk HBO Now youneedabudget.com time.com Qualtrics BBC Etsy CNN Urbandictionary SBNation Zillow.com WSJ.com Bill.com WhatsApp.com MLB.com Namecheap.com Chewy.com Applicant Tracking System and Recruiting Software | iCIMS.com WorkMarket Quora Kijiji PayCor My.WPengine Dyn.com Netlog HomeLight Sterlingbank.com (sign in issues) ipage.com isitdownrightnow.com
Recently, the Internet witnessed a record-breaking largest DDoS attack of over 1 Tbps against France-based hosting provider OVH, and now the latest victim of the attack is none other than Dyn DNS provider.
The attack appears to have started just after 7am ET and appears to have affected huge swaths of the East Coast and much of the Midwest. Level3, which monitors internet activity, shows the extent of the outage.
A sudden outage of popular sites and services, including Twitter, SoundCloud, Spotify, and Shopify, for many users, is causing uproar online. It’s because of a DDoS attack against the popular Domain Name System (DNS) service provider Dyn, according to a post on Ycombinator.DNS act as the authoritative reference for mapping domain names to IP addresses. In other words, DNS is simply an Internet’s phone book that resolves human-readable web addresses, like thehackernews.com, against IP addresses.
Dyn DNS is used by many websites and services as their upstream DNS provider, including Twitter, Spotify, SaneBox, Reddit, Box, Github, Zoho CRM, PayPal, Airbnb, Freshbooks, Wired.com, Pinterest, Heroku and Vox Media properties.
A couple of months ago researchers exposed Lizard Squad group hacking CCTV systems and carrying DDoS attacks on financial and government institutions in Brazil whilst the DDoS prevention firm Sucuri and Incapsula revealed that thousands of CCTV cameras have not only been hacked but also turned into DDoS botnet worldwide – reason, once again: their weak login credentials.
However, Linux-based IoT devices are the prime target for cyber criminals. Recently, Luabot and Bashlite aka Lizkebab malware were found taking over Linux-based CCTV cameras and attacking banking and small business worldwide.
DDOS Digital Attack Map – not showing and not working during the attack :
Fortinet Threat Map
https://threatmap.fortiguard.com/
Norse Attack Map
map.norsecorp.com/
Is i think there is a problem with iot devices and the only solution is to patch them . To mitigate thous kinds of attacks you need very powerful anti DDos Dos system and as we see today (21 October) there is a problem with that kind of device. Researches will now spend tons of time to learn how to mitigate thous kinds of attacks .
I think couple possible solutions L:
Patch problematic/affected devices
Invent an powerful anti DDos hardware that even an small comapy`s can buy.
Mitigate the attack by learning it out – thous devices have signatures and by thous signatures the prevention hardware on ISP level need to prevent thous kinds of attacks.
Block all traffic from thous kinds of devices – if this iot device is violating in big traffic activity (block IP in ISP level)
UPDATE 1# 22.10.2016 01:12
There is problem with PSN (Play Station Network)














