Github, Twitter, AirBnB and an extensive list of famous websites became inaccessible for users in East of United States due to DDoS – Distributed Denial Of Services – attack on the largest cloud-based Internet management company DynDNS.
A few weeks ago, we saw how the Mirai powered botnets attacked with 1 Tbps capacity attacked the French company OVH and made its name in the history with the largest DDoS attack. This time the latest target of the DDoS attack was renown DynDNS provider.
The long list of affected websites includes GitHub, CNN, Netflix, Spotify, Twitter, Esty, SoundCloud, Shopify, PagerDuty, Airbnb, Intercom, and Heroku.
GitHub referred this attack as ‘global event,’ and informed users about the Upstream DNS compromised by the attack. Twitter shuts down for roughly 4 hours.
According to DynDNS, the massive DDoS attack initiated at 11:10 UTC and affected its users in the East of the US. People in Europe and Asia remained to be unaffected by the attack. According to the DynStatus website.
Investigation: Starting at 11:10 UTC on October 21st-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.
Update: Dyn Managed DNS advanced service monitoring is currently experiencing issues. Customers may notice false probe alerts on their advanced DNS services. Our engineers continue to monitor and investigate the issue. – 18:23 UTC
Update: This incident has been resolved. – 22:17 UTC
Researchers at FlashPoint confirmed that the botnets used in DDoS attack on DynDNS were indeed affected by Mirai malware.
Increasing DDoS attacks against ISPs and hosting providers can be problematic, especially when the attacks, such as Mirai, are capable of such power. Now, the Mirai malware has its source code leaked; more attacks are yet to be seen.