EclecticIQ Fusion Center Report: DDoS Attack Stemming from Memcached Servers Hits GitHub (English)
Report from EclecticIQ Fusion Center from Friday 2 March 2018.
Key Findings:
- Memcached DDoS attacks don't require a malware-driven botnet.
- The attack (in Tbps) appears to be the largest seen, which surpassed the 2016 Dyn DNS DDoS.
- Attackers spoof the IP address of their victim(s) and send small queries to multiple memcached servers that are designed to elicit a larger response.
- According to Shodan, there are over 119,491 devices with port 11211 exposed to the internet.
About EclecticIQ
EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.
EclecticIQ Fusion Center
EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.
Download Report
About EclecticIQ
EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.
EclecticIQ Fusion Center
EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.