Memcrashed: Memcached amplification attack

Memcrashed

The discovery of a new vector that allowed great amplification has been in the middle of a new DDoS technique that allowed attackers to reach 1.7 Tbps of network traffic at the beginning of this month as reported by Arbor Networks thus setting a new record for largest denial of service attack less than a week after it was set at 1.35 Tbps as reported by GitHub on the 28th of February.

This vector has been made available because of the abusable nature of UDP communications and the carelessness of system administrators who allowed global access to their memcached instances.

By spoofing your IP address as your target and sending packets to a publicly accessible memcached server, you may gain a factor of 51 200 of amplification on your network load to your target address as reported by Cloudflare.

Continue reading Memcrashed: Memcached amplification attack