Internet Movie Database And Amazon Hit By A DDOS Attack
On Friday, Internet movie database IMDB suffered a sustained distributed denial-of-service (DDoS) attack that coincided with Amazon.com being offline.
A senior member of Narus, a network protection and management company, said in a blog that he found evidence that at least one of the IP addresses used by IMDB fell under a sustained DDoS attack between 10:30 a.m. and 1:30 p.m. PDT Friday.
According to Narus, attempts to load the IMDB page via a direct connection to the Web server under attack (http://72.21.206.70/) did not load any images at all. It seems that IMDB is hosted using Amazon Web Service (AWS) since this IP-address is registered as belonging to Amazon. The duration of the attack on IMDB coincided with the amount of time that Amazon was offline on Friday.
The attacker seemed to open multiple connections with the IMDB’s Web server on port 80 while incrementing his source port for every new connection. The attack’s average rate was 3Mbits/sec, certainly not large enough to cause a complete overload but probably good enough to delay the legit users. However, there might have been other attacks launched at the same time on IMDB which weren’t in the path of Narus probes.
Update (June 10): A new attack hit Amazon’s US and UK sites Monday morning California time and lasted for about an hour, according to Keynote Systems, which monitors website performance. Visitors of the website received the message: “Http/1.1 Service Unavailable.”
In addition to the possibility of a targeted attack, there are speculations that the outage was inadvertently caused by bots programmed to scoop up the Metal Gear Solid 4 bundle, an 80-GB pack for the PlayStation3, which went on sale on Amazon on Friday.
Amazon declined to discuss the cause of the outages.
More on CyberInsecure:
Leave a Reply
Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.