Security News > 2021 > February > Plex Media servers actively abused to amplify DDoS attacks
Plex Media Server systems are actively being abused by DDoS-for-hire services as a UDP reflection/amplification vector in Distributed Denial of Service attacks.
"We've seen its use as far back as November when activity ramped up, but most of the time, we see its use is in multi-vector attacks rather than as a primary vector, which can result in some uncertainty in finding an exact day it began to be used," Hummel said when asked of the first time PMSSDP was observed as a DDoS attack amplification vector.
Attackers can exploit roughly 27,000 exposed devices running Plex Media Server to amplify and reflect DDoS traffic onto their targets systems.
Booters' services are rented to launch large-scale DDoS attacks targeting servers or sites to trigger a denial of service that usually brings them down or disrupts online services.
In January, Baidu Security Lab also reported observing DDoS attacks using Plex as an amplification vector.
According to a subsequent report from ZoomEye, not all Plex Media Server versions can be abused by attackers.