Denial-of-service attack using memcached

A Memcached Distributed Denial of Service (DDoS) attack is a cyber attack aimed at Memcached, a database caching system designed to speed up websites and networks. It works by flooding a website or application with traffic to crash the servers.

How does Memcached work?

Memcache is a distributed memory caching system. Its purpose is to help websites and applications load content faster by temporarily storing content on devices, which can then efficiently load when the visitor comes back to the website.

Memcache vulnerabilities

As open-source software, Memcached could be vulnerable to attacks. This became apparent in 2018 when a new form of DDoS attack was launched. Cyber attackers sent spoof requests, which mask the real identity of a sender by cloaking their IP address, to a vulnerable UDP Memcached server.

A UDP, or User Datagram Protocol, is particularly vulnerable as it allows data to be transferred before the end receiving party agrees to the communication, for example, a quick video playback. Hackers sent these spoof requests to the server, flooding the victims with high volumes of traffic and crashing the servers.

As with traditional DDoS attacks, Memcached attacks result in an overloaded server, denying service to genuine website users.

One step up from Morai Botnet

Prior to the Memcache attack, the biggest DDoS threat was the Morai Botnet malware, first discovered by MalwareMustDie in August 2016. At the time, it was involved in some of the largest DDoS attacks in history, including well-publicized cases such as the attack on security journalist Brian Krebs.

Largest DDoS Attack Ever Detected — Twice the Size of 2017 Mirai Botnet

Having successfully protected against Morai Botnet, Akamai is now compiling its resources to help enterprises fend off any potential attacks from Memcached malware.

On February 28, 2018, one of Akamai experienced a 1.3 TBps DDoS attack against one of our customers, driven by the memcached reflection. This is the largest attack seen to date by Akamai, more than twice the size of the Mirai botnet attack mitigated by Akamai in 2017.

In response, Akamai created the Prolexic Platform. This software was able to successfully moderated the attack by filtering all traffic sourced from UDP port 11211.

The UDP port 11211 is the default port used by Memcached.

If you want to learn more see this link for reference :

An Ethical hacker should know the penalties of unauthorized hacking into a system. Read more at: Legality and Ethics

#botnet #internet #devices #connection #connectivity #internetconnected #morebots #bots #dos #dosattack #ddos #ddosattack #stealing #stealdata #malicious #maliciousattack #computers #virus #protectionspell #Python #programming #Hacking #Botnets #hacking #ethicalhacking #botnets #xboxmods #xboxbooter #ps3modder #booting


For more tricks and update over hacking stay tuned to our site: Note 4 Tech