DDoS Attack on DNS; Major sites including GitHub PSN, Twitter Suffering Outage

0
1613

Twitter, Reddit, Spotify, Etsy, Box, Wix Customer Sites Squarespace Customer Sites and bunch of other websites were offline earlier today. That’s because someone conducted a massive distributed denial of service (DDoS) attack on the Dyn, a world renowned Domain Name Servers (DNS) service provider.

In a statement, Dyn acknowledged that their servers are under DDoS attack.

Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available. This attack is mainly impacting US East and is impacting Managed DNS customer in this region. Our Engineers are continuing to work on mitigating this issue.

https://twitter.com/Dyn/status/789444349998268416

Imagine a scenario where a DNS provider that is used by Reddit, Twitter or Facebook is under DDoS attack, there is no way a user can visit any of these sites and it looks like that’s what’s going on right now. There are several websites that were down this morning including Twitter, Reddit, Spotify, Esty, Box, Wix Customer Sites Squarespace Customer Sites, Shopify, SoundCloud, Github, Airbnb, Reddit, Freshbooks and Heroku. However, some sites are already coming back online.

ddos-attack-on-dns-major-websites-including-github-twitter-suffering-outageLevel3’s DDoS map shows internet outage

List of sites that currently down according to our lovely readers:

Box.com
Twitter.com
Schoology and Apex
Npmjs.com (Node Package Manager (major javascript package manager)
Roblox.com
Github.com
Spotify.com
Shopify.com
Freshbooks.com
Netflix.com (slow loading time)
The Boston Globe
The New York Times
PayPal
Theverge.com
Pinterest.com
Constantcontact.com
Playstation Network (PSN)
Revcontent.com
Fox News
Elder Scrolls Online
Starbucks rewards/gift cards
Braintree
Zoho CRM
xbox.com
Indeed.com
ActBlue
Grubhub
Kayak
Basecamp
Yammer
Ancersty.com
Mashable
Intercom.com
Disqus
Eventbrite
Wufoo.com
Iheart.com (iHeartRadio)
Business Insider
Imgur
NHL.com
Cleveland.com
Credit Karma
Squarespace Customer Sites
Atom.io
Wikia
Weebly
nimbleschedule.com
Okta
Big cartel
Zendesk.com
Blue Host
dailynews.com
Twillo
Intercom
donorschoose.org
Eve Online
Weather.com
PagerDuty
Recode
Wix Customer Sites
Speed Test
Salsify.com
Yelp
People.com
Wired.com
Genonebiology.com
Guardian.co.uk
HBO Now
youneedabudget.com
time.com
Qualtrics
BBC
Etsy
CNN
Urbandictionary
SBNation
Zillow.com
WSJ.com
Bill.com
WhatsApp.com

“If you want to understand what really happens in a DDOS attack, then you just need to look into SYN flood attacks. A SYN flood is a denial-of-service attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.”

At the time of publishing this article, some sites were still down whilst Dyn was still dealing with the attack. If you know any other site that is facing outage kindly email me at [email protected]

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Questo sito usa Akismet per ridurre lo spam. Scopri come i tuoi dati vengono elaborati.