WS-Discovery Protocol Exposes 630,000 Devices to DDoS Attacks
CYBER NEWS

WS-Discovery Protocol Exposes 630,000 Devices to DDoS Attacks

1 Star2 Stars3 Stars4 Stars5 Stars (Ingen stemmer endnu)
Loading ...

The Web Services Dynamic Discovery (WS-Discovery) protocol could be exploited to launch large-scale DDoS attacks, security researchers are reporting.



What is the WS-Discovery protocol?

The WS-Discovery protocol is beskrevet as a technical specification that defines a multicast discovery protocol to locate services on a local network. It operates over TCP and UDP port 3702 and uses IP multicast address 239.255.255.250. The communication between nodes is done using web services standards, such as SOAP-over-UDP.

Even though the protocol is neither that common nor that popular, it has been adopted by ONVIF, an “open industry forum that provides and promotes standardized interfaces for effective interoperability of IP-based physical security products". Among ONVIF members are large companies such as Sony, Bosch, and Axis, who utilize ONVIF standards in their products.

630,000 ONVIF-based devices running the WS-Discovery protocol at risk

Endvidere, ONVIF has recommended the WS-Discovery protocol for device discovery. Kort fortalt, the protocol has been used in a series of products, including IP cameras, printere, and various home appliances. For at være mere præcis, a Binary Edge search reveals that there are approximately 630,000 ONVIF-based devices running the WS-Discovery protocol.

Relaterede: Største DDoS-for-hire service taget ned, Attack Pris Var $14.99

There is evidence that the protocol is now being exploited by threat actors for DDoS attacks, ZDNet reported. It is not the first wave of such attacks as researchers detected malicious activities back in May. The current attacks are not that large as well, with a maximum of 40 Gbps and amplification factors of up to 10, but the potential attack surface is alarming.

The large number of devices currently exposing the WS-Discovery port 3702 on the internet will definitely trigger a new wave of mass-scale attacks, forskere advarede.

Avatar

Milena Dimitrova

En inspireret forfatter og indhold leder, der har været med SensorsTechForum for 4 år. Nyder ’Mr. Robot’og frygt’1984’. Fokuseret på brugernes privatliv og malware udvikling, hun tror stærkt på en verden, hvor cybersikkerhed spiller en central rolle. Hvis almindelig sund fornuft giver ingen mening, hun vil være der til at tage noter. Disse noter senere kan blive til artikler!

Flere indlæg

Efterlad en kommentar

Din e-mail-adresse vil ikke blive offentliggjort. Krævede felter er markeret *

Frist er opbrugt. Venligst genindlæse CAPTCHA.

Del på Facebook Del
Loading ...
Del på Twitter Tweet
Loading ...
Del på Google Plus Del
Loading ...
Del på Linkedin Del
Loading ...
Del på Digg Del
Del på Reddit Del
Loading ...
Del på Stumbleupon Del
Loading ...