CircleID

Several sources are reporting about a new form of denial-of-service (DDoS) attacks which are based on a new variant of DNS amplification. DNS amplification was first widely publicized in March of 2006 with the release of a paper by security experts Gadi Evron and Randal Vaughn which examined a scenario in which criminals abuse recursive DNS name servers by using spoofed user datagram protocol (UDP) packets.

Don Jackson, director of threat intelligence at network security provider SecureWorks, told SCMagazine: "Since then, DNS amplification has been used in DDoS extortion attempts against pornography and gambling websites… The technique soon will be used against more mainstream commercial sites thanks to a new variant in which criminals do not have to rely on recursive queries."

Read full story: SC Magazine

Related topics: Cyberattack, DDoS, DNS, Security