Security News > 2020 > May > NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks
Several major providers of DNS services and software have been working to address a serious DNS vulnerability that could allow malicious actors to launch significant distributed denial-of-service attacks.
The flaw exists in the DNS protocol and it affects all recursive DNS resolvers.
It has been confirmed to impact DNS software such as NLnet Labs's Unbound, BIND, Knot Resolver and PowerDNS, as well as DNS services provided by Google, Microsoft, Cloudflare, Amazon, Oracle, Verisign, IBM Quad9, and ICANN. The affected organizations have patched their software and servers to prevent exploitation.
DNS amplification attacks are DDoS attacks where the attacker exploits vulnerabilities in DNS servers to turn small queries into larger payloads that can disrupt the targeted server.
The attacker's server delegates to fake server names pointing to the victim's DNS domain, causing the resolver to generate queries towards the victim's DNS server.
News URL
Related news
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack (source)
- Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices (source)
- Mirai botnet behind the largest DDoS attack to date (source)