Welcome!

News Feed Item

Prolexic Issues High Alert Threat Advisory for DNS Flooder DDoS Attack Toolkit

- Speeds and simplifies the launch of large reflection attacks

FORT LAUDERDALE, Florida, Feb. 11, 2014 /PRNewswire/ -- Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) protection services, today issued a high alert DDoS attack threat advisory on the DNS Flooder v1.1 toolkit. The toolkit makes it faster and easier for malicious actors to launch crippling reflection attacks and will likely be widely adopted in the DDoS-as-a-Service market, potentially increasing the number of attacks.

(Logo: http://photos.prnewswire.com/prnh/20140211/FL62697LOGO )

This new toolkit enables malicious actors to purchase, set up and use their own DNS servers to launch reflection attacks without the need to find open and vulnerable DNS servers on the Internet. This expedites the availability of the DNS botnet, enabling malicious actors to launch large cyber attacks without having to spend considerable time and resources building an army of bots through malware infections.

"As the DNS Flooder toolkit uses reflection and amplification techniques, attackers can anonymously launch powerful DDoS attacks with just a handful of servers," said Stuart Scholly, president of Prolexic. "Widespread usage in the DDoS-as-a-Service market is likely and the security community needs to be aware and closely monitor this emerging threat."

Prolexic has observed the DNS Flooder toolkit in multiple DDoS attack campaigns against its global client base over the last six months. In some cases, the campaigns have had amplification factors of 50 times the originating bandwidth.

The DNS Flooder toolkit uses a multi-step process to launch DDoS attacks:

  1. The toolkit spoofs the IP address of the intended target and creates a DNS request, which is sent to attacker's DNS botnet.
  2. The attacker's DNS botnet sends an extended DNS (EDNS) response back. The EDNS response includes more data than the DNS request (amplification). Because the IP address used in the request was spoofed, the response is reflected back to the attacker's target. 
  3. The toolkit loops multiple times, reflecting and amplifying the response to the target with each loop.

Prolexic's DNS Flooder threat advisory provides a detailed analysis of the toolkit, sample payloads, recommended DDoS protection and mitigation techniques, as well as case studies on two DNS Flooder campaigns directed against Prolexic clients. A complimentary download of the threat advisory is available at www.prolexic.com/dns-flooder.

Prolexic Threat Advisories
Designed to provide early warnings of new or modified DDoS denial of service attack signatures and scripts, recently observed by PLXsert, each threat advisory contains a detailed description of the type of DDoS attack, a list of attack signatures, and the specific network infrastructure or application that it targets. In addition, Prolexic's DDoS mitigation experts also offer insight into the nature of each type of attack, as well as provide specific warnings as to how the attack will affect businesses and enterprises of different sizes and infrastructures.

About the Prolexic Security Engineering & Response Team (PLXsert)
PLXsert monitors malicious cyber threats globally and analyzes DDoS attacks using proprietary techniques and equipment. Through data forensics and post attack analysis, PLXsert is able to build a global view of DDoS attacks, which is shared with customers. By identifying the sources and associated attributes of individual attacks, the PLXsert team helps organizations adopt best practices and make more informed, proactive decisions about DDoS threats.

Details of Prolexic's DDoS mitigation activities and insights into the latest tactics, types, targets and origins of global DDoS attacks are provided in quarterly reports published by the company. Prolexic's global DDoS attack reports are available at www.prolexic.com/attackreports.

About Prolexic
Prolexic is the world's largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission-critical Internet-facing infrastructures for global enterprises and government agencies within minutes. Ten of the world's largest banks and the leading companies in e-Commerce, SaaS, payment processing, travel/hospitality, gaming, energy and other at-risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the world's first in-the-cloud DDoS mitigation platform, Prolexic is headquartered in Fort Lauderdale, Florida, and has scrubbing centers located in the Americas, Europe and Asia. To learn more about how Prolexic can stop DDoS attacks and protect your business, please visit www.prolexic.com, follow us on LinkedIn, Facebook, Google+, YouTube, and @Prolexic on Twitter.

Contact:
Michael E. Donner
SVP, Chief Marketing Officer
Prolexic
media {at} prolexic {dot} com
+1 (954) 620 6017

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
"Qosmos has launched L7Viewer, a network traffic analysis tool, so it analyzes all the traffic between the virtual machine and the data center and the virtual machine and the external world," stated Sebastien Synold, Product Line Manager at Qosmos, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service. In his session at 19th Cloud Exp...
Everyone knows that truly innovative companies learn as they go along, pushing boundaries in response to market changes and demands. What's more of a mystery is how to balance innovation on a fresh platform built from scratch with the legacy tech stack, product suite and customers that continue to serve as the business' foundation. In his General Session at 19th Cloud Expo, Michael Chambliss, Head of Engineering at ReadyTalk, discussed why and how ReadyTalk diverted from healthy revenue and mor...
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
You have great SaaS business app ideas. You want to turn your idea quickly into a functional and engaging proof of concept. You need to be able to modify it to meet customers' needs, and you need to deliver a complete and secure SaaS application. How could you achieve all the above and yet avoid unforeseen IT requirements that add unnecessary cost and complexity? You also want your app to be responsive in any device at any time. In his session at 19th Cloud Expo, Mark Allen, General Manager of...
Financial Technology has become a topic of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 20th Cloud Expo at the Javits Center in New York, June 6-8, 2017, will find fresh new content in a new track called FinTech.
"We are a leader in the market space called network visibility solutions - it enables monitoring tools and Big Data analysis to access the data and be able to see the performance," explained Shay Morag, VP of Sales and Marketing at Niagara Networks, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
@DevOpsSummit taking place June 6-8, 2017 at Javits Center, New York City, is co-located with the 20th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. @DevOpsSummit at Cloud Expo New York Call for Papers is now open.
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor - all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
The 20th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held June 6-8, 2017, at the Javits Center in New York City, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit your speaking proposal ...
"We are a modern development application platform and we have a suite of products that allow you to application release automation, we do version control, and we do application life cycle management," explained Flint Brenton, CEO of CollabNet, in this SYS-CON.tv interview at DevOps at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Amazon has gradually rolled out parts of its IoT offerings in the last year, but these are just the tip of the iceberg. In addition to optimizing their back-end AWS offerings, Amazon is laying the ground work to be a major force in IoT – especially in the connected home and office. Amazon is extending its reach by building on its dominant Cloud IoT platform, its Dash Button strategy, recently announced Replenishment Services, the Echo/Alexa voice recognition control platform, the 6-7 strategic...
Regulatory requirements exist to promote the controlled sharing of information, while protecting the privacy and/or security of the information. Regulations for each type of information have their own set of rules, policies, and guidelines. Cloud Service Providers (CSP) are faced with increasing demand for services at decreasing prices. Demonstrating and maintaining compliance with regulations is a nontrivial task and doing so against numerous sets of regulatory requirements can be daunting task...
Bert Loomis was a visionary. This general session will highlight how Bert Loomis and people like him inspire us to build great things with small inventions. In their general session at 19th Cloud Expo, Harold Hannon, Architect at IBM Bluemix, and Michael O'Neill, Strategic Business Development at Nvidia, discussed the accelerating pace of AI development and how IBM Cloud and NVIDIA are partnering to bring AI capabilities to "every day," on-demand. They also reviewed two "free infrastructure" pr...
"This is specifically designed to accommodate some of the needs for high availability and failover in a network managed system for the major Korean corporations," stated Thomas Masters, Managing Director at InfranicsUSA, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.