Reddit was downed by record DDoS attack, motive is unknown
Posted on 23 April 2013.
In order to relieve the curiosity of the huge Reddit community, systems administrator Jason Harvey has shared some details about the DDoS attack that recently hit the popular social news site and caused it to go down for a period of 50 minutes.


The attack started at roughly 0230 PDT on the 19th, and for the next eight ours the attackers and Reddit admins were "battling it out" by continually adjusting their attack and mitigation strategies.

Most of the users didn't notice a great difference when using the site during that short period, but some login attempts and API calls failed, and the sysadmins chose to disable some site features.

"The pattern of the attack clearly indicated that this was a malicious attempt aimed at taking the site down. For example, thousands of separate IP addresses all hammering illegitimate requests, and all of them simultaneously changing whenever we would move to counter," wrote Harvey.

"At peak the attack was resulting in 400,000 requests per second at our CDN layer; 2200% over our previous record peak of 18,000 requests per second. Even when serving 400k requests a second, a large amount of the attack wasn't getting responded to at all due to various layers of congestion. This suggests that the attacker's capability was higher than what we were even capable of monitoring."

He pointed out that the attack was coming from thousands of IPs around the world, which means a botnet was used.

"I'd say the most likely explanation is that someone decided to take us down for shits and giggles. There was a lot of focus on reddit at the time, so we were an especially juicy target for anyone looking to show off. DDoS attacks we've received in the past have proven to be motivated as such, although those attacks were of a much smaller scale. Of course, without any clear evidence from the attack itself we can't say anything for certain," he added, commenting on Reddit users' speculation about the motives of the attack, which ranged from "revenge" for getting involved in the CISPA blackout to attackers demonstrating the power of their botnets to a potential customer.

He answered some of the questions put forward by the users, but declined to answer others, saying they have to be careful on what they share in order not to provide next attacker with clear instructions on how to take Reddit down in the future.









Spotlight

Staples customers likely the latest victims of credit card breach

Posted on 21 October 2014.  |  Multiple banks say they have identified a pattern of credit and debit card fraud suggesting that several Staples Inc. office supply locations in the Northeastern United States are currently dealing with a data breach.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Oct 22nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //