Security Experts:

Twitter, Others Disrupted by DDoS Attack on Dyn DNS Service

Twitter, GitHub and several other major websites are inaccessible for many users due to a distributed denial-of-service (DDoS) attack on the Managed DNS infrastructure of cloud-based Internet performance management company Dyn.

The list of affected websites includes Twitter, Etsy, GitHub, Soundcloud, PagerDuty, Spotify, Shopify, Airbnb, Intercom and Heroku.

GitHub has informed users that its upstream DNS provider is affected by a “global event.” At the time of writing, website availability services show that has been down for roughly two hours.

According to Dyn, the DDoS attack aimed at its DNS service started at roughly 11:10 UTC. The company is working on mitigating the attack, which appears to mainly impact customers in the east of the United States. People in Europe and Asia have reported that they can access the affected sites.

DDoS attacks launched against Internet services providers can be highly problematic, especially since malicious actors are capable of launching increasingly powerful attacks. An attack targeting hosting provider OVH last month exceeded 1 Tbps.

These massive attacks are launched with the aid of botnets powered by hundreds of thousands of compromised Internet of Things (IoT) devices. Mirai botnets, for instance, have ensnared more than half a million DVRs, routers and IP cameras.

Related Reading: Cybercriminals Target Blockchain in DNS Attack

Related Reading: DNS Monitoring - Connecting the Dots for Better Internet Security

Related Reading: Over 500,000 IoT Devices Vulnerable to Mirai Botnet

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.