Major websites have gone down worldwide — The reason is still unclear but a major DNS provider is suffering a massive DDoS attack and experts are connecting the dots.
Twitter, Reddit, Spotify, Etsy, Box, Wix Customer Sites Squarespace Customer Sites and bunch of other websites were offline earlier today. That’s because someone conducted a massive distributed denial of service (DDoS) attack on the Dyn, a world renowned Domain Name Servers (DNS) service provider.
Also Read: Meet Linux.Mirai Trojan, a DDoS nightmare
In a statement, Dyn acknowledged that their servers are under DDoS attack.
Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available. This attack is mainly impacting US East and is impacting Managed DNS customer in this region. Our Engineers are continuing to work on mitigating this issue.
https://twitter.com/Dyn/status/789444349998268416
Imagine a scenario where a DNS provider that is used by Reddit, Twitter or Facebook is under DDoS attack, there is no way a user can visit any of these sites and it looks like that’s what’s going on right now. There are several websites that were down this morning including Twitter, Reddit, Spotify, Esty, Box, Wix Customer Sites Squarespace Customer Sites, Shopify, SoundCloud, Github, Airbnb, Reddit, Freshbooks and Heroku. However, some sites are already coming back online.
The issue has now been located and resolved – thanks a lot for your patience.
— SoundCloud Support (@SCsupport) October 21, 2016
We're seeing playback issues on iOS. Engineers are investigating the cause. For updates check our Status blog https://t.co/9anKTSU2Gj
— SoundCloud Support (@SCsupport) October 21, 2016
The upstream DNS incident has been resolved. We continue to monitor our systems while they deliver a backlog of webhook events.
— GitHub Status (@githubstatus) October 21, 2016
Also Read: US Emergency Phone System ‘911’ Can Be Hacked Through TDoS Attack
Also Read: OVH hosting suffers 1Tbps DDoS attack; largest Internet has ever seen
List of sites that currently down according to our lovely readers:
MySpace.com
Box.com
Twitter.com
Schoology and Apex
Npmjs.com (Node Package Manager (major javascript package manager)
Roblox.com
Github.com
Spotify.com
Shopify.com
Freshbooks.com
Netflix.com (slow loading time)
The Boston Globe
The New York Times
PayPal
Theverge.com
Pinterest.com
Constantcontact.com
Playstation Network (PSN)
Revcontent.com
Fox News
Elder Scrolls Online
Starbucks rewards/gift cards
Braintree
Zoho CRM
xbox.com
Indeed.com
ActBlue
Grubhub
Kayak
Basecamp
Yammer
Ancersty.com
Mashable
Intercom.com
Disqus
Eventbrite
Wufoo.com
Iheart.com (iHeartRadio)
Business Insider
Imgur
NHL.com
Cleveland.com
Credit Karma
Squarespace Customer Sites
Atom.io
Wikia
Weebly
nimbleschedule.com
Okta
Big cartel
Zendesk.com
Blue Host
dailynews.com
Twillo
Intercom
donorschoose.org
Eve Online
Weather.com
PagerDuty
Recode
Wix Customer Sites
Speed Test
Salsify.com
Yelp
People.com
Wired.com
Genonebiology.com
Guardian.co.uk
HBO Now
youneedabudget.com
time.com
Qualtrics
BBC
Etsy
CNN
Urbandictionary
SBNation
Zillow.com
WSJ.com
Bill.com
WhatsApp.com
MLB.com
Namecheap.com
Chewy.com
Applicant Tracking System and Recruiting Software | iCIMS.com
WorkMarket
Quora
Kijiji
PayCor
My.WPengine
Dyn.com
Netlog
HomeLight
Sterlingbank.com (sign in issues)
ipage.com
isitdownrightnow.com
Livestream.com
IndieGoGo Fortune
CNBC.com
FT.com
Survey Monkey
Paragon Game
Runescape
In an exclusive conversation with IEEE senior member Kevin Curran, HackRead was told that:
“If you want to understand what really happens in a DDOS attack, then you just need to look into SYN flood attacks. A SYN flood is a denial-of-service attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.”
At the time of publishing this article, some sites were still down whilst Dyn was still dealing with the attack.
Update (9:37 PM Friday, October 21, 2016, Greenwich Mean Time (GMT))
It looks like the attacks have been stopped and sites that were gone offline are now coming back online. On the other hand, Dyn has tweeted that their advanced service monitoring issue is currently resolved. They are still investigating and mitigating the attacks on our infrastructure.
https://twitter.com/Dyn/status/789544012017467392
Update:
Dyn has been acquired by Oracle, click here for more details about this acquisition.