'Kill Switch' to Mitigate Memcached DDoS Attacks — Flush 'Em All
Mar 08, 2018
Security researchers have discovered a "kill switch" that could help companies protect their websites under massive DDoS attack launched using vulnerable Memcached servers. Massive Memcached reflection DDoS attacks with an unprecedented amplification factor of 50,000 recently resulted in some of the largest DDoS attacks in history . To make matter even worse, someone released proof-of-concept (PoC) exploit code for Memcached amplification attack yesterday, making it easier for even script kiddies to launch massive cyber attacks. Despite multiple warnings, more than 12,000 vulnerable Memcached servers with UDP support enabled are still accessible on the Internet, which could fuel more cyber attacks soon. However, the good news is that researchers from Corero Network Security found a technique using which DDoS victims can send back a simple command, i.e., "shutdown\r\n", or "flush_all\r\n", in a loop to the attacking Memcached servers in order ...
