Security News > 2020 > May > NXNSAttack: New DNS Vulnerability Allows Big DDoS Attacks
Several major providers of DNS services and software have been working to address a serious DNS vulnerability that could allow malicious actors to launch significant distributed denial-of-service attacks.
The flaw exists in the DNS protocol and it affects all recursive DNS resolvers.
It has been confirmed to impact DNS software such as NLnet Labs's Unbound, BIND, Knot Resolver and PowerDNS, as well as DNS services provided by Google, Microsoft, Cloudflare, Amazon, Oracle, Verisign, IBM Quad9, and ICANN. The affected organizations have patched their software and servers to prevent exploitation.
DNS amplification attacks are DDoS attacks where the attacker exploits vulnerabilities in DNS servers to turn small queries into larger payloads that can disrupt the targeted server.
The attacker's server delegates to fake server names pointing to the victim's DNS domain, causing the resolver to generate queries towards the victim's DNS server.
News URL
Related news
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack (source)
- Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices (source)
- Mirai botnet behind the largest DDoS attack to date (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks (source)
- DDoS attacks reportedly behind DayZ and Arma network outages (source)
- Gcore DDoS Radar Reveals 56% YoY Increase in DDoS Attacks (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks (source)