In a scene straight out of Mr. Robot, a massive number of websites including Reddit, Twitter and Spotify were taken down or hit hard Friday morning after hackers got to their DNS host.
Gizmodo reports hackers used a distributed denial of service (DDoS) attack to go after Dyn DNS Company servers. Since Dyn helps facilitate users landing on correct pages, attacking it means many users were unable to reach popular websites. Dyn released the following statement on the DDoS attack.
“Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available.”
Dyn issued an update stating affected users are mostly in the US East area.
— That Matt Navarra ⭐️ (@MattNavarra) October 21, 2016
Many massive networks have been hit with the attack, with CNN, HBO Now, the Playstation Network, Pinterest, Starbucks and Spotify also among the many sites DDoS’d. The hackers going after Dyn’s DNS infrastructure allowed the attack to become more widespread.
Considering Dyn’s prominence, the scale of the attack has to be one of the biggest among recent DDoS attacks. Members of the hacker groups Lizard Squad and PoodleCorp were recently arrested for multiple DDoS attacks on Blizzard and EA between 2014-16, after multiple successful attempts at taking down company servers. Those hackers sought public attention. Unlike that scenario, no hackers have taken credit for taking down the huge list of websites.
Those affected by the hacks will need to wait out the storm. The websites won’t be down forever and Dyn is reporting that the issue is resolved. But if hackers have their wish, they will be down for as long as possible.