#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
AWS EKS Security Best Practices

Search results for DNS amplification | Breaking Cybersecurity News | The Hacker News

Largest Ever 400Gbps DDoS attack hits Europe uses NTP Amplification

Largest Ever 400Gbps DDoS attack hits Europe uses NTP Amplification

Feb 12, 2014
The Distributed Denial of Service (DDoS) attack is the one of favourite weapon for the hackers to temporarily suspend services of a host connected to the Internet and till now nearly every big site had been a victim of this attack. Since 2013, Hackers have adopted new tactics to boost Distributed Denial of Service attack sizes, which is known as ' Amplification Attack ', that provide the benefits of obscuring the source of the attack, while enabling the bandwidth to be used to multiply the size of the attack. Just yesterday, hackers have succeeded in reaching new heights of the massive DDoS attack targeting content-delivery and anti-DDoS protection firm CloudFlare , reaching more than 400Gbps at its peak of traffic, striking at the company's data servers in Europe. " Very big NTP reflection attack hitting us right now. Appears to be bigger than the #Spamhaus attack from last year. Mitigating ," CloudFlare CEO Matthew Price said in a tweet. " Someone's got a big, new...
FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks

FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks

Dec 27, 2024 Botnet / DDoS Attack
Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka Tsunami) variant called CAPSAICIN. "These botnets are frequently spread through documented D-Link vulnerabilities that allow remote attackers to execute malicious commands via a GetDeviceSettings action on the HNAP (Home Network Administration Protocol) interface," Fortinet FortiGuard Labs researcher Vincent Li said in a Thursday analysis. "This HNAP weakness was first exposed almost a decade ago, with numerous devices affected by a variety of CVE numbers, including CVE-2015-2051 , CVE-2019-10891 , CVE-2022-37056 , and CVE-2024-33112 ." According to the cybersecurity company's telemetry data, attacks involving FICORA have targeted various countries globally, whereas those related to CAPSAICIN primarily singled out East Asian territories like Japan and Taiwan. T...
Reflection DDoS Attacks Using Millions of UPnP Devices on the Rise

Reflection DDoS Attacks Using Millions of UPnP Devices on the Rise

Oct 17, 2014
After successful in launching reflection and amplification Distributed Denial-of-Service (DDoS) attacks by abusing various protocols such as DNS, NTP and SMTP, hackers are now abusing Simple Service Discovery Protocol (SSDP) – part of the UPnP protocol standard – to target home and office devices, researchers warned. SSDP is a network protocol based on the Internet Protocol Suite that comes enabled on millions of networked devices, such as computers, printers, Internet gateways, Router / Wi-Fi access points, mobile devices, webcams, smart TVs and gaming consoles, to discover each other and automatically establish working configurations that enable data sharing, media streaming, media playback control and other services. FLAW IN UPnP USED IN AMPLIFICATION DDoS ATTACK Prolexic Security Engineering & Response Team (PLXsert) at Akamai Technologies have issued a warning that the devices use in residential or small office environments are being co-opted into reflection ...
cyber security

Free Tool: Help Desk Verification Codes

websitePush SecurityThreat Detection / Identity Security
Get secure, rotating codes in employee browsers to verify their identity and stop Scattered Spider breaches.
BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally

BaitTrap: Over 17,000 Fake News Websites Caught Fueling Investment Fraud Globally

Jul 08, 2025Financial Scams / Online Security
A newly released report by cybersecurity firm CTM360 reveals a large-scale scam operation utilizing fake news websites—known as Baiting News Sites (BNS)—to deceive users into online investment fraud across 50 countries. These BNS pages are made to look like real news outlets: CNN, BBC, CNBC, or regional media. They publish fake stories that feature public figures, central banks, or financial brands, all claiming to back new ways to earn passive income. The goal? Build trust quickly and steer readers toward professional-looking scam platforms like Trap10, Solara Vynex, or Eclipse Earn. Scammers use sponsored ads on Google, Meta, and blog networks to push traffic to these sites. Ads often carry clickbait headlines—"You won't believe what a prominent public figure just revealed"—paired with official photos or national flags to make them feel legit. Clicking the ad directs users to a fake article, which then redirects them to a fraudulent trading platform. Many of these scams follow a...
1.7 Tbps DDoS Attack — ​Memcached UDP Reflections Set New Record

1.7 Tbps DDoS Attack — ​Memcached UDP Reflections Set New Record

Mar 06, 2018
The bar has been raised. As more amplified attacks were expected following the record-breaking 1.35 Tbps Github DDoS attack , someone has just set a new record after only four days — 1.7 Tbps DDoS attack. Network security and monitoring company Arbor Networks claims that its ATLAS global traffic and DDoS threat data system have recorded a 1.7Tbps reflection/amplification attack against one of its unnamed US-based customer's website. Similar to the last week's DDoS attack on GitHub, the massive bandwidth of the latest attack was amplified by a factor of 51,000 using thousands of misconfigured Memcached servers exposed on the Internet. Memcached, a popular open source distributed memory caching system, came into news earlier last week when researchers detailed how attackers could abuse it to launch amplification DDoS attack by sending a forged request to the targeted Memcached server on port 11211 using a spoofed IP address that matches the victim's IP. A few b...
Over 20Gbps DDoS attacks Now Become Common for Hackers

Over 20Gbps DDoS attacks Now Become Common for Hackers

Mar 30, 2014
The Distributed Denial of Service ( DDoS ) attack has become more sophisticated and complex and therefore has become one of the favorite weapon for the cyber criminals to temporarily suspend the services of any host connected to the Internet and till now nearly every big site had been a victim of this attack, from WordPress to online game websites. According to the new report released by a US based security solutions provider  Incapsula , DDOS activities have become threefold since the start of the year 2013, pointing the key source of trash traffic to be the remotely controlled " zombie army " that can be used to flood various websites by DDoS attacks and other malicious activities. The report site as " DDOS Threat Landscape ", explains that almost one in every three DDoS attacks is above 20Gbps and 81% of attacks feature multiple vector threats. The attackers are becoming more skillful at working around the network security and reusing their DDOS Botnets to attack m...
BitTorrent Fixes Reflective DDoS Attack Security Flaw

BitTorrent Fixes Reflective DDoS Attack Security Flaw

Aug 28, 2015
Two weeks ago, we reported how a serious flaw in the popular peer-to-peer BitTorrent file sharing protocols could be exploited to carry out a devastating distributed denial of service (DDoS) attack, allowing lone hackers with limited resources to take down large websites. Good news is that the developers of BitTorrent have fixed the security issue in its service that is being used by hundreds of Millions of users worldwide. In a blog post published Thursday, BitTorrent announced that the flaw was resided in a reference implementation of the Micro Transport Protocol (uTP) called libuTP , which is used by many widely used BitTorrent clients such as μTorrent , Vuze and Mainline . The San Francisco company also announced that it has rolled out a patch for its libuTP software that will stop miscreants from abusing the p2p protocol to conduct Distributed Reflective Denial-of-Service (DRDoS) attacks. DRDoS attack is a more sophisticated form of conventional DDoS att...
How to Exploit BitTorrent for Large-Scale DoS Attacks

How to Exploit BitTorrent for Large-Scale DoS Attacks

Aug 17, 2015
A flaw discovered in several widely used BitTorrent applications, including uTorrent, Vuze and Mainline , could be used to carry out a devastating distributed denial of service (DDoS) attack that makes it very easy for a single undetectable hacker to bring down large sites. A new research by Florian Adamsky of the City University London shows that open BitTorrent protocol can be exploited to carry out Distributed Reflective Denial of Service (DRDoS) attacks . The bitTorrent protocol is a file-sharing protocol used by Millions of active online users at any given point in the day to exchange files over the Internet. DRDoS attack is a more sophisticated form of conventional DDoS attack where open and misconfigured DNS (Domain Name System) can be used by anyone to launch high-bandwidth DDoS attacks on target websites. In a paper , titled " P2P File-Sharing in Hell: Exploiting BitTorrent Vulnerabilities to Launch Distributed Reflective DoS Attacks ," the resea...
Friday's Massive DDoS Attack Came from Just 100,000 Hacked IoT Devices

Friday's Massive DDoS Attack Came from Just 100,000 Hacked IoT Devices

Oct 27, 2016
Guess how many devices participated in last Friday's massive DDoS attack against DNS provider Dyn that caused vast internet outage? Just 100,000 devices. I did not miss any zeros. Dyn disclosed on Wednesday that a botnet of an estimated 100,000 internet-connected devices was hijacked to flood its systems with unwanted requests and close down the Internet for millions of users. Dyn executive vice president Scott Hilton has issued a statement , saying all compromised devices have been infected with a notorious Mirai malware that has the ability to take over cameras, DVRs, and routers. "We're still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious endpoints," Hilton said. "We are able to confirm that a significant volume of attack traffic originated from Mirai-based botnets." Mirai malware scans for Internet of Things (IoT) devices that are still using their default passwords and then enslaves those...
Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider

Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider

Jun 20, 2025 Cyber Attack / Botnet
Cloudflare on Thursday said it autonomously blocked the largest distributed denial-of-service (DDoS) attack ever recorded, which hit a peak of 7.3 terabits per second (Tbps). The attack, which was detected in mid-May 2025, targeted an unnamed hosting provider. "Hosting providers and critical Internet infrastructure have increasingly become targets of DDoS attacks," Cloudflare's Omer Yoachimik said . "The 7.3 Tbps attack delivered 37.4 terabytes in 45 seconds." Earlier this January, the web infrastructure and security company said it had mitigated a 5.6 Tbps DDoS attack aimed at an unnamed internet service provider (ISP) from Eastern Asia. The attack originated from a Mirai-variant botnet in October 2024. Then in April 2025, Cloudflare revealed it defended against a massive 6.5 Tbps flood that likely emanated from Eleven11bot, a botnet comprising roughly 30,000 webcams and video recorders. The hyper-volumetric attack lasted about 49 seconds. The 7.3 Tbps...
THN Weekly RoundUp – 12 Hacking Stories You Don’t Want To Miss This Week

THN Weekly RoundUp – 12 Hacking Stories You Don't Want To Miss This Week

Oct 12, 2015
Here we are with our weekly roundup, showcasing last week's top cyber security threats and challenges. Just in case you missed any of them (ICYMI), THN Weekly Round-Up helps you provide all important stories of last week in one shot. We advise you to read the full story (just click ' Read More ' because there's some valuable advice in it as well). Here's the list: 1. Facebook to Launch Its Own Satellite to Beam Free Internet Facebook has revealed its plans to launch a  $500 Million Satellite  by next year in an effort to provide free or cheap Internet access in the developing countries. The social network giant has teamed up with the French satellite provider  Eutelsat  Communications to  beam free Internet  access to several parts of countries in Sub-Saharan Africa. For detailed information on Facebook's Satellite Project –  Read more … 2. Angler Exploit Kit Campaign Generating $30 Million Took Down Researchers...
Microsoft Fended Off a Record 2.4 Tbps DDoS Attack Targeting Azure Customers

Microsoft Fended Off a Record 2.4 Tbps DDoS Attack Targeting Azure Customers

Oct 12, 2021
Microsoft on Monday revealed that its Azure cloud platform mitigated a 2.4 Tbps distributed denial-of-service (DDoS) attack in the last week of August targeting an unnamed customer in Europe, surpassing a  2.3 Tbps attack  stopped by Amazon Web Services in February 2020. "This is 140 percent higher than  2020's 1 Tbps attack  and higher than any network volumetric event previously detected on Azure," Amir Dahan, senior program manager for Azure Networking,  said  in a post, calling it a " UDP reflection " lasting for about 10 minutes. Reflected amplification attacks are a type of denial of service attacks wherein a threat actor takes advantage of the connectionless nature of UDP protocol with spoofed requests so as to overwhelm a target server or network with a flood of packets, causing disruption or rendering the server and its surrounding infrastructure unavailable. The attack is said to have originated from a botnet of approximately 70,000 compromi...
Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

Oct 04, 2024 DDoS Attack / Botnet
Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. The web infrastructure and security company said it fended off "over one hundred hyper-volumetric L3/4 DDoS attacks throughout last month, with many exceeding 2 billion packets per second (Bpps) and 3 terabits per second (Tbps)." The hyper-volumetric L3/4 DDoS attacks have been ongoing since early September 2024, it noted, adding they targeted multiple customers in the financial services, Internet, and telecommunication industries. The activity has not been attributed to any specific threat actor. The previous record for the largest volumetric DDoS attack hit a peak throughput of 3.47 Tbps in November 2021 , targeting an unnamed Microsoft Azure customer in Asia. The attacks leverage the User Datagram Protocol (UDP) protocol on a fixed port, with the flood of packets originating from Vietnam, Russi...
Expert Insights Articles Videos
Cybersecurity Resources