Multiple large DDoS attacks against a company which runs managed DNS infrastructure in the US took down multiple prominent websites last night, including Twitter, PayPal, Reddit, and Amazon.
The attack, which according to reports was conducted in three waves, was targeted against Dyn.
The DDoS attack against Dyn’s domain name system infrastructure resulted in several websites also going offline in South Africa, including PayPal, Twitter, Sony PlayStation Network, and eBay.
In terms of accessing websites, a domain name system is responsible for translating website names – Amazon.com – into a numerical IP address so the site can be located.
According to a report by The Verge, details have started to emerge as to what was behind the large attack.
DDoS from IoT botnet
The report stated that the source of the attack appears to be a Mirai-based IoT botnet.
Internet of Things devices which are vulnerable to being taken control of – and made part of the botnet – include smart home devices such as sensors or cameras.
Mirai is a piece of malware that scans the Internet for these devices, locating ones which have default username and password combinations, and then takes control of them.
Dyn’s chief strategy officer Kyle Owen confirmed that traffic to its servers was “clogged with malicious requests from tens of millions of IP addresses”.
The company said the attack was “very sophisticated and complex”.