The vulnerability in Memcached Servers has been exposed to the masses since its proof of concept (PoC) code was recently published online. That exposure would now allow script kiddies to conduct large-scale DDoS attack as if the recent massive DDoS attack on Github and the world’s largest 1.7Tbps attack on an American firm weren’t enough.
According to a list provided by an information security training firm, the following companies and websites have been hit by DDoS attacks through misconfigured Memcached servers.
The list has been compiled by researchers using their ddosmon platform which is equipped with a dedicated DDoS botnet C&C tracking system to provide insights. Using the data, the information security researchers compute and monitor ongoing DDoS attacks.
- QQ (qq.com)
- 360 (360.com)
- Amazon (Amazon.com)
- Google (Googleusercontent.com)
- Avast (Avast.com)
- Kaspersky Labs (Kaspersky-labs.com)
- Brian Krebs (krebsonsecurity.com)
- Epoch Times (Epochtimes.com)
- PlayStation (PSN) (Playstation.net)
- Minecraft (Minecraft.net)
- GTA developers Rockstar Games (Rockstargames.com)
- Pornhub (Pornhub.com)
- HomePornBay (HomePornBay.com)
- NRA Carry Guard (Nracarryguard.com)
- The NRA Foundation (Nrafoundation.org)
- The National Rifle Association of America (NRA) (Nra.org)
The list shouldn’t come as a surprise since all these targets are high profile. The NRA National Rifle Association was already in news for all the wrong reasons after the Florida school shooting and since a group of students publicly urged the association to put a Federal ban on assault rifles.
According to information security training experts, multiple domains owned by NRA suffered a series of massive DDoS attack between 27th – 28t February forcing them to go offline. The incident was also noticed by users on Twitter who shared screenshots of the sites at the time they went offline.
Besides the United States and China, attackers have also targeted cyberinfrastructure in Brazil, Canada, South Korea, France, Germany, the Netherlands and the United Kingdom.
However, the good news is that information security training researchers have identified a kill switch that can mitigate DDoS attacks carried out through Memcached servers. Researchers have already tested it to be 100% effective on live attacking servers.