It's affecting Mashery too and therefore customers who run their APIs through Mashery. As I discovered when the phone started ringing with people complaining the Getty Images plugin on our Wordpress site stopped working.
Dyn dinged by DDoS: US DNS firm gives web a bad hair day
A denial of service attack against managed DNS provider Dyn restricted access to many US-based websites on Friday. The ongoing attack is affecting Dyn’s managed DNS customers on the US East Coast, according to the provider, which adds on its status page that its “engineers are continuing to work on mitigating this issue”. …
COMMENTS
-
Friday 21st October 2016 16:40 GMT IT Poser
It's back
I had hoped that there would be a little more coverage here at ElReg. I know it's the wrong side of the pond but this appears to be a fairly major hack.
Interestingly the 'conservative' sites I visit haven't had any issues. It is the 'liberal' media that appears to be down.
Note: The quotes are to indicate I am using the American versions of those words.
-
Friday 21st October 2016 16:58 GMT Florida1920
Re: It's back
Interestingly the 'conservative' sites I visit haven't had any issues. It is the 'liberal' media that appears to be down.
Guess that applies to the Grauniad. Articles are working here in the States, but I can't log in, due to DNS problems. Maybe this is a Putinbot operation in retaliation for Assangesky getting sent to the cyber gulag?
-
Sunday 23rd October 2016 14:16 GMT Anonymous Coward
Re: It's back
Interestingly the 'conservative' sites I visit haven't had any issues. It is the 'liberal' media that appears to be down.
Here's a very liberal site that wasn't down; they were talking about the DDoS in the comments: http://www.nakedcapitalism.com/2016/10/200pm-water-cooler-10212016.html
Hmmm, they were spared because they're too liberal for Hillary? lolz.
-
Friday 21st October 2016 16:58 GMT diodesign
Re: It's back
We're on it - it's on our radar, we also have other stories to cover too.
Late edit: We published new stuff. Here's a summary of our updates.
C.
-
Monday 24th October 2016 13:19 GMT Wzrd1
Re: It's back
"I know it's the wrong side of the pond but this appears to be a fairly major hack."
So, now a DDOS from a bunch of cameras and home routers is a hack.
My, how some people have low standards.
The only real hack was against those insecure IOT devices.
Or as I call them, IdiOT owned devices.
-
Monday 24th October 2016 20:42 GMT IT Poser
Re: It's back
Wzrd1,
See my handle. I come here so that I know just enough to not buy stupid kit like anything labelled smart. If only I could get my even less informed friends and family to do the same this particular attack might not have been possible.
The good news is that if I get corrected enough I might be able to raise my rank from poser to novice.
-
Thursday 23rd February 2017 22:24 GMT B_Crump
Re: It's back
I’ve been searching the archives trying to get my head around Mirai the IoT botnet DDOS army. How did the hackers find them to coopt them? Is it the connection to a mother ship that many of these insecure IoT devices require that hackers can exploit to find the devices in the first place? Or are the IoT devices behind home routers exposed when the routers themselves are compromised? (default or weak passwords, open service ports, whatever.)
Any thoughts on the matter are greatly appreciated.
-
-
-
-
Friday 21st October 2016 17:55 GMT smartypants
We got hit by this today
The symptoms were really odd, and this explains it all as it affected DNS resolution of our own domain and things like github, but not other domains. We use Dyn too...
Can we replace the moniker IOT with IOUT?
Internet Of Unpatched Things
(Sure some of them are just boxes with the default password, but the important thing is that they need to be KICKED OUT if the internet is to be a thing in 5 years)
-
Friday 21st October 2016 18:10 GMT Michael Jarve
Live from Minnesota
13:05 CST: Ars Technica updated their post on this occurrence to say a second wave of attacks began at about noon EST. As of right now, sites like Wikipedia, The Face Book, Twitter, and the like are not accessible, at least to me. Other sites like Ars Technica, and El Reg are much slower loading than usual.
-
Friday 21st October 2016 19:29 GMT Florida1920
Any truth to this?
DDoS attacks on companies like Dyn, which facilitate the loading of web pages, have increased recently in both size and intensity. The latest comes the day after Doug Madory, director of Internet Analysis at Dyn, gave a presentation at an industry conference about research he had done on questionable practices at BackConnect Inc., a firm that offers web services, including helping clients manage DDoS attacks. According to Madory, BackConnect had regularly spoofed Internet addresses through a technique known as a BGP hijack, an aggressive tactic that pushes the bounds of industry.
Madory’s research was conducted with Brian Krebs, a well-known writer on computer-security issues. Krebs also published an article based on the research last month. Within hours, his website was hit by a “extremely large and unusual” DDoS attack, he wrote.
Twitter.com won't resolve here; I predict a massive social breakdown if this isn't fixed soon. Beer o'clock will be coming early this Friday.
-
-
Friday 21st October 2016 20:20 GMT Florida1920
Does anyone else remember the public service film that warned the collapse of the civilian internet was the first sign that human civilization was about to suffer a nuclear holocaust inflicted by murderous robots?
The firestorm will come at 3 a.m. US EDT tomorrow, when Donald Trump arises and discovers he still can't send Tweets. SAD!
-
-
Friday 21st October 2016 20:36 GMT Anonymous Coward
Most of Gov.uk services down too
I think Gov.uk's main hosting supplier uses Dyn. Therefore Verify, visit visas and a few other new GDS government services are down and/or just redirect to the Gov.uk home page. As GitHub is broken also then they won't have a clue what to do and will likely be crying into their beards.....unless they are too busy playing ping pong to notice.
-
Friday 21st October 2016 21:47 GMT alsace765
Redundant DNS providers
Question: Suppose your primary authoritative DNS server is at DYN , and your secondary authoritative server is at Rackspace, or Google, or Neustar, etc ..
If you primary DNS server at DYN fails to respond, shouldn't the dns client then query your seconday DNS server at Rackspace, or Google, or Neustar etc. ?? ( i.e wherever you have your secondary DNS hosted.)
-
-
Saturday 22nd October 2016 09:26 GMT DonL
Re: Redundant DNS providers
"The problem in this case is that DYN is the host for these domains which are spread over many servers."
Exactly.
The ONE thing cloud is ideal for: Rent 2 or more VPS servers at DIFFERENT providers and let bind take care of zone transfers. And then even the big names mess it up.
-
-