New Largest DDoS Attack at 1.3 Tbps Hits GitHub
CYBER NEWS

New Largest DDoS Attack at 1.3 Tbps Hits GitHub

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

The largest so far GGoS attack happened yesterday registered at 1.3 Tbps. The target was GitHub. The attack was based on a flaw in Memcached servers made public just a few days ago. Apparently, cybercriminals can exploit Memcached servers to carry out large-scale DDoS attacks that don’t require a lot of computational resources, researchers say.

Why is this even possible? Due to the way the server developers deployed the support for the UDP protocol.

Related Story: Bitfinex Platform Suffered Yet Another DDoS Attack

DDoS Attacks Based on a Flaw in Memcached Servers

The issue within Memcached was recently reported by Akamai, Arbor Networks and Cloudflare. The experts said that they detected observing an uptick in distributed denial-of-service attacks based on UDP packets amplified by Memcached servers. These servers are typically used to aid database-driven websites by boosting the memory caching system.

As already said, the flaw is present in the UDP protocol implementation of the above mentioned servers that intensify incoming packets over 50,000 times. The vulnerable port that serves to amplify packet sizes and redirect the packets is port 11211 which is exposed by Memcached servers in default configurations.

Apparently, there are more than 93,000 servers currently connected online “awaiting” to be exploited for DDoS, as in the case with the attack on GitHub.

Luckily, the attack was mitigated almost immediately regardless of the record-breaking size of 1.3 Tbps. Unfortunately, researchers are expecting to see more attacks on a regular basis based on the flaw in Memcached servers.

This is not the first time in recent history where Memcached servers were leveraged in DDoS. Furthermore, the size of the attacks is also expected to grow steadily, and the GitHub record may soon be surpassed.

Related Story: Biggest DDoS Close to 1 Tbps Hits Hosting Company

The previous largest size of DDoS was estimated at 1 Tbps, and the attack was against French hosting provider OVH.

OVH is a hosting company that was a victim of the biggest DDoS attack registered in September, 2016. The attack surpassed the DDoS on KrebsOnSecurity which also took place in that timeframe. In this attack, IoT devices and CCTV cameras were leveraged.

Avatar

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...