Edu.za is being used for massive DDoS traffic

Bradley Prior

MyBroadband Journalist
Staff member
Super Moderator
Joined
Oct 16, 2018
Messages
4,921
Reaction score
1,547
Edu.za is being used for massive DDoS traffic

Domain Name System (DNS) servers on the edu.za domain are being exploited to launch massive distributed denial of service attacks (DDoS), according to a new report from Nexus Guard.

Nexus Guard’s second-quarter Threat Report for 2019 stated that DNS amplification attacks have spiked more than 1,000% compared with Q2 2018. DNS amplification attacks accounted for 65% of DDoS attacks last quarter.
 
Interesting

  • Mobile devices also continued to contribute to DDoS attacks, which primarily originated from iOS mobile devices in addition to botnet-hijacked Windows machines.




fukk you, iSheep!
 
.... but, but why? Unless they ask for ransom money.
Although money has, over the years, become the chief motivator, there are many others. The 2019 Verizon DBIR is an authoritative source of information on this if you are interested, here are some pertinent graphics which may provide some answers:

Edit: Oops, Mybb doesn't handle svg graphics too well, so you'll have to view the report or download the .pdf.



results-and-analysis-figure7.svg



results-and-analysis-figure8.svg




threat-action-varieties-figure11.svg
 
And Telkom. My LTE-A at home has become so unreliable my wife is using her phone. Failed DNS resolutions and intermittent timeouts all day long.

I use a PiHole with OpenDNS IP's - have hardly been affected the last few weeks.
My girls play Minecraft + watch YT and Netflix; have not had a single complaint.
 
I use a PiHole with OpenDNS IP's - have hardly been affected the last few weeks.
My girls play Minecraft + watch YT and Netflix; have not had a single complaint.
I ahve mine set to 1.1.1.1 and 8.8.8.8... still getting DNS resolution issues intermittently.
 
Top
Sign up to the MyBroadband newsletter