• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • January 28th, 2021
  • Home
  • Advertise
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Linkedin
    • Youtube
Home
Cyber Events
Cyber Attacks

Google, PlayStation & NRA suffered DDoS attacks via Memcached servers

March 9th, 2018 Waqas Cyber Attacks, Security 0 comments
Google, PlayStation & NRA suffered DDoS attacks via Memcached servers
Share on FacebookShare on Twitter

By now the vulnerability in Memcached Servers has been exposed to the masses since its proof of concept (PoC) code was recently published online. That exposure would now allow script kiddies to conduct large-scale DDoS attack as if the recent massive DDoS attack on Github and the world’s largest 1.7Tbps attack on an American firm weren’t enough.

But other than the aforementioned targets, do you know who else was hit by Memcached servers DDoS attacks? According to a list provided 360Netlab, a Chinese IT security firm, the following companies and websites have been hit by DDoS attacks through misconfigured Memcached servers.

This list has been compiled by researchers using their ddosmon platform which is equipped with a dedicated DDoS botnet C&C tracking system to provide insights. Using the data, researchers compute and monitor ongoing DDoS attacks.

QQ (qq.com)
360 (360.com)
Amazon (Amazon.com)
Google (Googleusercontent.com)
Avast (Avast.com)
Kaspersky Labs (Kaspersky-labs.com)
Brian Krebs (krebsonsecurity.com)
Epoch Times (Epochtimes.com)
PlayStation (PSN) (Playstation.net)
Minecraft (Minecraft.net)
GTA developers Rockstar Games (Rockstargames.com)
Pornhub (Pornhub.com)
HomePornBay (HomePornBay.com)
NRA Carry Guard (Nracarryguard.com)
The NRA Foundation (Nrafoundation.org)
The National Rifle Association of America (NRA) (Nra.org)

The above-mentioned list shouldn’t come as a surprise since all these targets are high profile. The NRA was already in news for all the wrong reasons after the Florida school shooting and since a group of students publicly urged the association to put a Federal ban on assault rifles.

However, rather than addressing the issue, the NRA decided to use conservative political activist Dana Loesch in a bizarre ad targeting the media, journalists, political personalities, and others with consequences over their stance on the gun control. The advertisement was also criticized by users on social media making things a bit worse than before.

According to BleepingComputer, multiple domains owned by NRA suffered a series of massive DDoS attack between 27th – 28t February forcing them to go offline. The incident was also noticed by users on Twitter who shared screenshots of the sites at the time they went offline.

Looks like NRA website is under a DDOS attack pic.twitter.com/SFyMDn3vtp

— Oregon I.T. not IT ⚾ (@OregonJOBS2) February 27, 2018

Can’t access @NRA website. Been trying for hours. Must be too busy with either: A. Responsible gun owners looking to join/donate (me) or B. Protesters mounting a DDOS (Leftist Looneys that blame guns, instead of criminals) #SupportNRA #SupportUSCCA

— Gary L. (@Tailinloop) February 27, 2018

Furthermore, 360Netlab shared a list of targets revealing that other than the United States and China, attackers have also targeted cyberinfrastructure in Brazil, Canada, South Korea, France, Germany, the Netherlands and the United Kingdom.

Remember, Cloudflare called it amplification attack and explained in their blog post that “Over the last couple of days, we’ve seen a big increase in an obscure amplification attack vector — using the Memcached protocol, coming from UDP port 11211. Unfortunately, there are many Memcached deployments worldwide which have been deployed using the default insecure configuration.”

However, the good news is that Corero researchers have identified a kill switch that can mitigate DDoS attacks carried out through Memcached servers. Researchers have already tested it to be 100% effective on live attacking servers.

Note:

If you are running a business; do not forget to calculate the cost and probability of a DDoS attack on your business with this DDoS Downtime Cost Calculator.

  • Tags
  • Cyber Attack
  • DDOS
  • gaming
  • Google
  • GTA
  • hacking
  • Memcached
  • NRA
  • PlayStation
  • Technology
  • Vulnerability
Facebook Twitter LinkedIn Pinterest
Previous article You are not alone Blizzard & EA servers are down in multiple regions
Next article New FlawedAmmyy RAT steals data and intercepts audio chat
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Related Posts
World's Most 'Resilient Malware' Botnet Emotet Taken Down

World's Most 'Resilient Malware' Botnet Emotet Taken Down

Top Cybersecurity Threats to Watch in 2021

Top Cybersecurity Threats to Watch in 2021

Database of 176 million Pakistani mobile phone users sold online

Database of 176 million Pakistani mobile phone users sold online

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

Latest Posts
NetWalker ransomware disrupted - Cryptocurrency and domain seized
Cyber Crime

NetWalker ransomware disrupted - Cryptocurrency and domain seized

42
Transferring Whatsapp data from iPhone to Android with MobileTrans
How To

Transferring Whatsapp data from iPhone to Android with MobileTrans

29
World's Most 'Resilient Malware' Botnet Emotet Taken Down
Cyber Crime

World's Most 'Resilient Malware' Botnet Emotet Taken Down

79

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us