Sophisticated DDoS attack on servers of major internet firm hits disrupting major websites and online services twitter, Netflix & PayPal across the United States on Friday.
America Based Dyn Inc quote there data centers were hit by three phases of distributed denial of service attacks, which flooded targeted servers with junk data traffic.
The attack affects geographically and effects users trying to access popular websites across the United States and Europe. According to the chief strategy officer, East Cost datacenter was first targeted followed offshore datacenters.
Dyn serves some of the biggest names on the web, providing the domain name services that translate the numerical internet addresses into human-readable destinations such as “twitter.com.”
Junk traffic is coming from tens of millions of different internet-connected devices including insecure internet-connected devices IOT devices such as WebCam, Routers & VCR. It is confirmed that attack has relied on Mirai botnet which used in DDoS attacks against security researcher Brian Krebs’ blog “Krebs On Security” and French internet service and hosting provider OVH. Mirai malware targets Internet of Things (IoT) devices like routers, digital video records (DVRs), and webcams/security cameras, enslaving vast numbers of these devices into a botnet, which is then used to conduct DDoS attacks.
Recently, the Internet witnessed a record-breaking largest DDoS attack of over 1 Tbps against France-based hosting provider OVH, and now the latest victim of the attack is none other than Dyn DNS provider internet performance monitoring firm CloudHarmony, owned by Gartner Inc., said his company tracked a half-hour-long disruption early Friday in which roughly one in two end users would have found it impossible to access various websites from the East Coast. “We’ve been monitoring Dyn for years and this is by far the worst outage event that we’ve observed,” said Read.
Members of a shadowy collective that calls itself New World Hackers claimed responsibility for the attack via Twitter. They said they organized networks of connected “zombie” computers called botnets that threw a staggering 1.2 terabits per second of data at the Dyn-managed servers. Dyn officials said they have received no claim of responsibility, but are working with law enforcement.
DYN official statement – http://dyn.com/blog/dyn-statement-on-10212016-ddos-attack/
According to DYN, with those services restored to normal again, users should be able to get back on to the previously affected websites without any major problems.