[10/21/16] Massive DDOS Attack Knocks Huge Websites Offline - The Russians, probably.

Internet users around the world, but mostly in the US, reported that some top websites were not loading on Friday morning.

The affected sites included Amazon, Twitter, Etsy, Github, and Spotify.

The issue was mostly resolved at 9:20 a.m. ET, but at 12:07 p.m. ET, the issue started to crop up again, according to one of the companies at the center of the apparent cyber attack.

The issue appears to have something to do with DNS hosts — in particular, Dyn, one of the biggest DNS companies.

Domain Name Servers are a core part of the internet's backbone. They translate what you type into your browser —www.businessinsider.com, for example — into IP addresses that computers can understand.

Dyn said on Friday that it suffering a DDoS attack, or a distributed denial of service. That basically means hackers are overwhelming Dyn's servers with useless data and repeated load requests, preventing useful data — the Twitter IP address, for example — from getting through.

No group has taken credit for the DDoS attack yet. The Department of Homeland Security is monitoring the attack, Politico's Eric Geller reports.

http://www.businessinsider.com/amaz...-and-etsy-down-in-apparent-dns-attack-2016-10

Who did it? Even posting this, Twitter is running like shit for me.

 

[Piss Clam]

But then why tip anyone off? All they're gonna do is make people aware of their virus and let Dyn start banning afftected IP's.

Some edgelord basement dwelling beard neck got pissed off and turned his botnet towards DYN.

You don't need a country conspiracy for this.

Same as it ever was.

 

[AnOminous]

But then why tip anyone off? All they're gonna do is make people aware of their virus and let Dyn start banning afftected IP's.

Like they don't have more or can't get more whenever the main event is planned. You have to deploy a strategy in reality to see how it actually works in reality.

If this actually is the main event, it's probably a smaller actor.

 

[Beaniebon]

Who stands to gain from this at all?

Ebay. Take down amazon and they'll be supreme again.

No countires that I can think of would benefit. If it was super nefarious, its probably a dry run (which is a weird move for multiple reasons).

Might just be some shit head having a giggle.

 

[melty]

But then why tip anyone off? All they're gonna do is make people aware of their virus and let Dyn start banning afftected IP's.

Maybe they are so good they don't care.
My bet is it's aliens trying to disrupt our communications.
Edit: or julian assange. If he doesn't get to have internet then nobody else does either!

 

[Brandobaris]

Hell of a dry run. There's no way DNS companies won't massively step up their security and server capabilities after this.

Who stands to gain from this at all?

THE RUSSIANS! Why? Because... uh Trump and Putin hate the internet.... or something..... THEY HATE FREEDOM, THEY HATE OUR WAY OF LIFE.

 

[Splendid]

Like they don't have more or can't get more whenever the main event is planned. You have to deploy a strategy in reality to see how it actually works in reality.

If this actually is the main event, it's probably a smaller actor.

You can't get more if people start grabbing affected computers, figuring out what's wrong, and deploying patches. Sure, some people won't upgrade, but your pool of potential zombie computers greatly decreases.

 

[Zvantastika]

Ebay. Take down amazon and they'll be supreme again.

No countires that I can think of would benefit. If it was super nefarious, its probably a dry run (which is a weird move for multiple reasons).

Might just be some shit head having a giggle.

Turkey, Korea, China, most asian and middle east countries benefit from this attack and are normally behind them. I'm pretty sure Russia will be blamed because that's what US like to do nowadays, point at them and blame them for EVERYTHING.

 

[DuskEngine]

Turkey, Korea, China, most asian and middle east countries benefit from this attack

how

 

[AnOminous]

You can't get more if people start grabbing affected computers, figuring out what's wrong, and deploying patches. Sure, some people won't upgrade, but your pool of potential zombie computers greatly decreases.

You can't "patch" the general weakness of the DNS system to DDoS when it's not a hole or a bug, it's the whole system.

Why do you think it's that hard for any reasonably competent malefactor to put together a botnet any time they need one?

 

[Beaniebon]

Turkey, Korea, China, most asian and middle east countries benefit from this attack and are normally behind them.

How?

EDIT Damn @DuskEngine ninja'd

 

[Splendid]

You can't "patch" the general weakness of the DNS system to DDoS when it's not a hole or a bug, it's the whole system.

Why do you think it's that hard for any reasonably competent malefactor to put together a botnet any time they need one?

You can sure as hell patch the vulnerability that they're using to get all of these bots, and remove the virus from computers that are already infected.
And it's hard to get a botnet that can fuck up a major ISP. If it was easy, these attacks would be common.

 

[Beaniebon]

Twitter is completely down now. Even checked that "down for everyone or just me?" Site.

I don't know much about ddos attacks, but was there another one or did the last one just now take bigger affect? I was able to get on all day albiet with wonky service.

 

[AnOminous]

Just last month, Bruce Schneier speculated that a large state actor was responsible for a series of increasingly sophisticated probes of various Internet services speculated to be attempts to determine what might take them down, perhaps as part of a larger effort by a state actor to figure out how to take down the entire Internet. He's not some rando, he's the most prominent security/crypto expert in the world.

Considering this context, it's not unreasonable to suspect this is part of that larger project that is already going on.

Not saying this is that, it could be random or even someone with a specific gripe against DYN itself.

But doing dry runs and proofs of concept on larger attacks beforehand is common practice.

Also if it amuses you, you can usually watch a map of DDoS attacks worldwide here: http://map.norsecorp.com/

It's currently down. Probably not because of a deliberate DDoS but because of everyone trying to look at it right now.

 

[Zvantastika]

how

By fucking what people on your side of the sea use and own (sometimes meaning a small economic loss) and making people angry at them which make them take dumb decisions. An easy example of this is when Playstation got hacked and had to shut down multiplayer for several days, remember all the shit that was being said about Sony and how people wanted to boycott them for being unsafe and generally being butthurt with Sony instead of the hackers themselves?, it's more or less the same shit every single time with different methods but the same goal.

 

[DuskEngine]

By fucking what people on your side of the sea use and own (sometimes meaning a small economic loss) and making people angry at them which make them take dumb decisions. An easy example of this is when Playstation got hacked and had to shut down multiplayer for several days, remember all the shit that was being said about Sony and how people wanted to boycott them for being unsafe and generally being butthurt with Sony instead of the hackers themselves?, it's more or less the same shit every single time with different methods but the same goal.

Sure, but how do the countries you listed benefit from this in a way that Russia doesn't?

 

[Beaniebon]

Sure, but how do the countries you listed benefit from this in a way that Russia doesn't?

Overpriced Etsy shit is taking away sales from cheap jewelry manufactores in China

 

[Zvantastika]

Sure, but how do the countries you listed benefit from this in a way that Russia doesn't?

Because Russia will be blamed for this, even if they didn't do it (but benefit them anyway) and because Russia is on a hot spot right now with the middle east. If those countries make lots of noise and turn the blame to Russians, maybe other countries will get pissed off at Russia and slow them down on middle east (directly or indirectly). But I guess that's just a bit too far fetched and probably it's just a bunch of people being assholes for the sake of it, either way it's not the end of the world.

 

[Piss Clam]

You can sure as hell patch the vulnerability that they're using to get all of these bots, and remove the virus from computers that are already infected.
And it's hard to get a botnet that can fuck up a major ISP. If it was easy, these attacks would be common.

These attacks are common, you just don't hear about it because they are mitigated.

You also can't patch things that are broken. It's like trying to patch the hierarchy of certification authority....you can't.

 

[Rou]

Oh man, I can't wait for the troon storms after Twitter goes back up. It is their purpose for living. The longer this takes, the better.

 

[AnOminous]

Oh man, I can't wait for the troon storms after Twitter goes back up. It is their purpose for living. The longer this takes, the better.

I hope it stays down long enough that serious withdrawal kicks in. Can you imagine what John Flynt is doing right now? I imagine he's twitching and about to go into convulsions.