DDoS Attack on DNS; Major sites including GitHub PSN, Twitter Suffering Outage
Major websites have gone down worldwide — The reason is still unclear but a major DNS provider is suffering a massive DDoS attack and experts are connecting the dots.
Twitter, Reddit, Spotify, Etsy, Box, Wix Customer Sites Squarespace Customer Sites and bunch of other websites were offline earlier today. That’s because someone conducted a massive distributed denial of service (DDoS) attack on the Dyn, a world renowned Domain Name Servers (DNS) service provider.
Also Read: Meet Linux.Mirai Trojan, a DDoS nightmare
In a statement, Dyn acknowledged that their servers are under DDoS attack.Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available. This attack is mainly impacting US East and is impacting Managed DNS customer in this region. Our Engineers are continuing to work on mitigating this issue.
https://twitter.com/Dyn/status/789444349998268416
Imagine a scenario where a DNS provider that is used by Reddit, Twitter or Facebook is under DDoS attack, there is no way a user can visit any of these sites and it looks like that’s what’s going on right now. There are several websites that were down this morning including Twitter, Reddit, Spotify, Esty, Box, Wix Customer Sites Squarespace Customer Sites, Shopify, SoundCloud, Github, Airbnb, Reddit, Freshbooks and Heroku. However, some sites are already coming back online.
The upstream DNS incident has been resolved. We continue to monitor our systems while they deliver a backlog of webhook events.
— GitHub Status (@githubstatus)
October 21, 2016
Also Read: US Emergency Phone System ‘911’ Can Be Hacked Through TDoS Attack
Level3’s DDoS map shows internet outage
Also Read: OVH hosting suffers 1Tbps DDoS attack; largest Internet has ever seen
List of sites that currently down according to our lovely readers:
In an exclusive conversation with IEEE senior member Kevin Curran HackRead was told that:
“If you want to understand what really happens in a DDOS attack, then you just need to look into SYN flood attacks. A SYN flood is a denial-of-service attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.”
At the time of publishing this article, some sites were still down whilst Dyn was still dealing with the attack. If you know any other site that is facing outage kindly email me at Waqas@hackread.com.