Github Hit by Biggest DDOS Attack Ever Recorded

DooKey

GitHub was hit by the biggest DDoS attack ever recorded (may be paywalled) on Wednesday. According to Akamai Prolexic, the attack peaked at 1.3Tbps, and this attack utilized memcached servers that return 50 times the data to the IP spoofed address of the victim. This kind of attack is called an amplification attack, and while it's been used before, the scale of this one was off the charts. Fortunately for GitHub, they had a mitigation plan they immediately put into action. However, not everyone has this in place, and these attacks are bound to proliferate and cause significant loss of service to companies that aren't prepared. Thanks Adam T.

Wednesday's onslaught wasn't the first time a major DDoS attack targeted GitHub. The platform faced a six-day barrage in March 2015, possibly perpetrated by Chinese state-sponsored hackers. The attack was impressive for 2015, but DDoS techniques and platforms, particularly Internet of Things–powered botnets, have evolved and grown increasingly powerful when they’re at their peak. To attackers, though, the beauty of memcached DDoS attacks is there's no malware to distribute, and no botnet to maintain.
 
Well, GitHub has been continuously spamming me with forum message updates to threads I am not even following nor have I ever posted in them.

Other people have been complaining about the same thing for months.

I say they got what was coming to them - disclaimer - I had nothing to do with it.
 
Haven't heard of this type of DDoS before, so I read up on it.

http://www.zdnet.com/article/memcached-ddos-the-biggest-baddest-denial-of-service-attacker-yet/

Yeah, probably should work on getting some form of authentication. I'm sure it was created by companies that had the server budget to keep the memcache server non-public facing. I've seen it installed on shared web servers, so clearly that rule is out the window.

Kinda like with IoT. Engineers don't realize the massive vulnerability until it's gone so widespread that script kiddies are exploiting them.


Also, why GitHub? Seems like an odd target.
 
What kind of ficken moron installs an unsecured service like memcached on an internet facing server? That is so irresponsible that I can't even begin to express it. :banghead: This is why we can't have nice things.
 
What kind of ficken moron installs an unsecured service like memcached on an internet facing server? That is so irresponsible that I can't even begin to express it. :banghead: This is why we can't have nice things.

It's incredible how much insecure junk is left web-facing. Examples of clueless "full-stack devops" throwing a docker container into production without considering what horrors it might cause everyone else.
 
The kind of people that expose their PBX to the Internet. Those that don't know any better.

What kind of ficken moron installs an unsecured service like memcached on an internet facing server? That is so irresponsible that I can't even begin to express it. :banghead: This is why we can't have nice things.
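
Added example (not part of the thread, and not code from memcached or any poster): a small audit of a memcached options file for the exposure discussed above, a listener reachable beyond private addresses with UDP still on and no authentication. The function names, sample configs and the `udp_default_port` parameter are assumptions for illustration; `-l`, `-U` and `-S` are memcached's listen-address, UDP-port and SASL options.

```python
import ipaddress
import shlex

# Constructed samples in the one-option-per-line memcached.conf style.
SAMPLE_EXPOSED = "# constructed example\n-p 11211\n-l 0.0.0.0\n"
SAMPLE_HARDENED = "-p 11211\n-l 127.0.0.1\n-U 0   # UDP listener off\n"
LONG_FORMS = {"--listen": "-l", "--udp-port": "-U", "--enable-sasl": "-S"}

def parse_options(text):
    """Return {flag: value} from option lines, ignoring comments and blanks."""
    opts = {}
    for line in text.splitlines():
        tokens = shlex.split(line, comments=True)
        if not tokens:
            continue
        flag, _, inline = tokens[0].partition("=")
        value = inline or (tokens[1] if len(tokens) > 1 else "")
        opts[LONG_FORMS.get(flag, flag)] = value
    return opts

def is_public(addr):
    """True if a listen address is reachable beyond loopback/private ranges."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return True  # hostname or host:port form: count as exposed until reviewed
    return ip.is_unspecified or not (ip.is_loopback or ip.is_private)

def audit(text, udp_default_port=11211):
    """Findings for one config. udp_default_port is an assumption about the
    build: 11211 models UDP on by default, 0 models builds that ship it off."""
    opts = parse_options(text)
    # With no -l option memcached listens on every interface.
    listen = [a.strip() for a in opts.get("-l", "0.0.0.0").split(",")]
    exposed = any(is_public(a) for a in listen)
    udp_on = int(opts.get("-U") or udp_default_port) != 0
    findings = []
    if exposed and udp_on:
        findings.append("udp-reflector: UDP port answers on a non-private address")
    if exposed and "-S" not in opts:
        findings.append("no-auth: non-private listener without SASL (-S)")
    if udp_on and not exposed:
        findings.append("udp-unneeded: UDP on for a private listener, set -U 0")
    return findings

if __name__ == "__main__":
    for name, cfg in (("exposed", SAMPLE_EXPOSED), ("hardened", SAMPLE_HARDENED)):
        print(name, audit(cfg) or "no findings")
```

A clean result here only covers the options file; a host firewall rule that keeps port 11211 off the internet is still worth checking separately.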
 