1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Thousands of online systems could be hit by new DoS attack

    From TechnologyDaily@1337:1/100 to All on Thu Mar 21 14:15:05 2024
    Thousands of online systems could be hit by new DoS attack

    Date:
    Thu, 21 Mar 2024 14:00:16 +0000

    Description:
    Researchers discover a new way to DoS hundreds of thousands of systems but there is no evidence of in-the-wild abuse.

    FULL STORY ======================================================================

    Hackers can render network services completely useless, by putting them in an infinite communications loop. The loop generates large volumes of traffic, which is why the attack is being dubbed Loop DoS.

    This looped denial-of-service attack was discovered by cybersecurity researchers at the CISPA Helmholtz-Center for Information Security, BleepingComputer reports. It abuses a vulnerability in the User Datagram Protocol (UDP), which allows for IP spoofing and doesnt properly verifies traffic packets.

    The vulnerability is tracked as CVE-2024-2169, and by exploiting it, the researchers put the vulnerable endpoints into an endless loop of traffic generation. As a result, the target systems were unable to service legitimate requests. All it takes is a single host sending one message that starts the communications loop. Endless loop DoS

    Researchers from the Carnegie Mellon CERT Coordination Center (CERT/CC) hint that the vulnerability is relatively dangerous, as it allows threat actors to turn a service unusable, or even worse - cause entire networks to go offline.

    CISPAs Yepeng Pan, and Professor Dr. Christian Rossow, claim that multiple protocols are vulnerable, including both outdated ones (QOTD, Chargen, Echo), and those currently in use (DNS, NTP, TFTP).

    "If two application servers have a vulnerable implementation of said
    protocol, an attacker can initiate a communication with the first server, spoofing the network address of the second server (victim)," CERT/CC said.
    "In many cases, the first server will respond with an error message to the victim, which will also trigger a similar behavior of another error message back to the first server."

    Roughly 300,000 internet hosts are said to be vulnerable to this exploit,
    with Broadcom, Cisco, Honeywell, Microsoft, and MikroTik all confirming being affected.

    The flaw is relatively easy to exploit, the researchers added, but concluded that there is no evidence that anyone used it already. More from TechRadar
    Pro Shockbyte launches new control panel, promises faster load times and more These are the best DDoS protection services around Here is our guide to the best firewalls



    ======================================================================
    Link to news story: https://www.techradar.com/pro/thousands-of-online-systems-could-be-hit-by-new- dos-attack


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)