Unknown parties carried out a large-scale DDoS attack on the Internet’s DNS root servers, causing slight timeouts for four nodes, more exactly on the B, C, G, and H servers, RootOps reports. There were two different attacks, one launched on November 30 that lasted 160 minutes (from 06:50 to 09:30 UTC), and a second, shorter one on December 1 that lasted only one hour (from 05:10 to 06:10 UTC). RootOps, the DNS root server operators, are reporting that the attacks were valid DNS queries addressed towards one domain in the first attack, and to a different domain on the second day. Each attack blasted up to five million queries per second per DNS root name server. RootOps has no hopes to catch the culprit, since IP source addresses can be easily spoofed, and the source IP addresses used in the DDoS attack were very well spread and randomized across the entire IPv4 address space. The DDoS didn’t cause any serious damage, but a mere delay for some users making DNS queries via their browser, FTP, SSH, or other clients. DNS protocol’s design saves the day “The DNS root name server system functioned as designed, demonstrating overall robustness in the face of large-scale traffic floods observed at numerous DNS root name servers,” said the DNS root server operators, referring to the fallback system employed by DNS servers. Because of the way DNS is constructed, on a mesh-like structure like the Internet itself, if one server does not respond, other servers intervene and provide a DNS query result. The DNS root server operators did not speculate on the reasons this massive attack was carried out against their infrastructure but did say this was not the result of a reflected DDoS attack. RootOps recommended that ISPs that don’t want to allow DDoS attacks that use IP address spoofing to be carried from their network should implement Source Address Validation and the BCP-38 specification. Source: http://news.softpedia.com/news/dns-root-servers-hit-by-ddos-attack-497363.shtml
Read this article:
DNS Root Servers Hit by DDoS Attack
Two sister blogs, Hacked (Security & Tech) and CryptoCoinsNews, have decided to go the Mel Gibson route (“Ransom” movie reference for the uncool kids) and put out a bounty on DDoS attackers instead of paying the money they were asking for. It all started earlier this morning, when both sites saw a serious DDoS attack being carried out against their server infrastructure. Three hours after the attack began, the two received emails from a man named Jon. The attacker claimed to own a botnet that he intended to use for DDoS attacks. He said that currently he was using only 20% of the botnet’s capabilities against the two sites. Jon was asking for a 2 Bitcoin ransom, which would become 3 Bitcoin by tomorrow if unpaid. Instead of giving in and being intimidated by the attacker, the two sites ramped up their DDoS mitigation and decided to put out a 5 Bitcoin ransom on the attacker, which is about $1,600 or €1,500 in today’s exchange rate. Turning the table on DDoS extortionists “If you can help us identify the extortionists in a way that leads to a successful police report, you will receive five bitcoins, with gratitude,” says Samburaj Das of CCN and Hacked. The bloggers are looking for data like real names, addresses, and attacks carried out on other sites that would allow investigators to track their DDoS campaign. Details should be sent to crypto@cryptocoinsnews.com. Only last month something similar happened to ProtonMail, a crypto email service. The site was under a massive DDoS attack, which also expanded to its ISP. Due to peer pressure from other affected services, ProtonMail paid the ransom , but the attacks never stopped, with other groups also taking aim at their infrastructure. Many people skewered ProtonMail’s owners for paying the attackers, saying it was a bad idea and did nothing but encourage such types of groups to carry on with their DDoS-for-Bitcoin extortion campaigns . We’ll just have to wait and see how Hacked/CCN’s countermove goes through. Source: http://news.softpedia.com/news/bloggers-put-bounty-on-ddos-extortionists-496586.shtml