Popular domain registrar and web hosting service Namecheap has been having trouble with an unexpected DDoS attack targeting 300 or so domains on two of their their DNS nameservers.
Itís clear then that DNS-based DDoS attacks are a growing threat, and one thatís being neglected by businesses when DNS security should really be seen as a priority because of the increasing risks.
Matthew Prince, CEO of content delivery network Cloudflare, has confirmed on Twitter on Monday that one of its customers was being targeted with a very big Network Time Protocol (NTP) reflection attack - "bigger that the Spamhaus attack from last year." He didn't name the customer, but he has shared that the attack reached the level of over 400 gigabits per second, that it probably caused congestion on some peering exchanges (mostly in Europe), that (based on sampled data) it misused just over 4,500 misconfigured NTP servers, and that the customer initially wanted to pay with a stolen credit card.
Prolexic Technologies issued a high alert DDoS attack threat advisory on the DNS Flooder v1.1 toolkit.
British spy agency GCHQ has used Denial of Service attacks against Anonymous, in order to disrupt their communications, their activities, and to lead members of the loosely tied collective away from participating in the DDoS attacks aimed at governments and companies, NBC reported.