In the past week, a surge of memcached reflection attacks has triggered a massive wave of DDoS incidents. Various industries have been hit repeatedly, with one attack targeting Akamai customers reaching an unprecedented 1.3 Tbps. Akamai identified that this ransomware campaign utilized a memcached payload, marking a new trend in cyber extortion.
Extortion and DDoS have long gone hand-in-hand, with attackers constantly evolving their tactics. Early groups like DD4BC used phishing emails containing threats and payment demands, often accompanied by small-scale attacks. These emails would set deadlines, warning victims that larger attacks would follow if they didn't comply. Over time, copycat groups emerged, using broad-based spamming techniques to target multiple companies. Many of these emails were generic, but they still played on fear, hoping to extract real money from desperate organizations.
Memcached has now become a favorite tool for DDoS attackers, enabling them to launch powerful attacks across various sectors. Unlike traditional methods, attackers no longer need to rely on brute force; instead, they exploit the protocol’s amplification capabilities to cause maximum damage. This makes it easier for malicious actors to turn a threat into a financial opportunity.
During a real-time attack on Akamai Prolexic Routed clients, researchers captured packets that contained clear signs of extortion. The payload included a demand for 50 Monero (XMR), equivalent to around $16,000, sent to a specific wallet address. This approach closely mirrors ransomware tactics, where attackers embed payment instructions within the attack traffic, hoping victims will pay to stop the assault.
The method involves attackers injecting a payload into a Memcached server, which then reflects the traffic back at the target. While most of the data is junk, some attacks include ransom details—like the amount due and the wallet address. This suggests that the attackers are not just launching random attacks, but rather trying to monetize them through coercion.
One key takeaway is that **paying the ransom is not recommended**. Instead, organizations should invest in better bandwidth and robust DDoS protection. Attackers using this technique often target multiple victims simultaneously, using the same attack pattern, ransom amount, and wallet address. There's no evidence they track whether victims pay or not, and even if someone does, it's unclear if the attack will stop. In many cases, the attacker may never even know who paid.
Akamai has successfully defended against these attacks using its Prolexic infrastructure, which includes specialized defenses against Memcached-based DDoS attacks. Their cloud-based solutions help filter out malicious traffic before it reaches a company’s network, ensuring continuous protection against high-volume attacks.
Akamai is the world’s leading cloud delivery platform, trusted by businesses worldwide to deliver fast, secure digital experiences. With over 200,000 servers deployed across 130+ countries, Akamai offers unmatched scalability and security. Its 24/7 monitoring and customer support ensure reliable performance, making it a top choice for enterprises looking to defend against cyber threats and maintain optimal web and mobile performance.
Designed for those who are always on the go, the Big Bang XXL Switch Duo Disposable Vape is an ultra-advanced vaping pod mod system that`s all about giving a rapidly smooth puff trip to all the meshuga vapers! This smart and compact mechanism of vaping will leave you with the perfect ` larger than life throat hits` without actually demanding anything. These pre-filled, pre-charged, vaping throwaways beat the rest for their unique blend of sleek designing yet giving vapers the double extra large puff feels!
Bang Duo Disposable Vape,Max Pro Disposable Vape,Different Flavors Disposable Vape,Portable Disposable Vape Pen
Shenzhen Essenvape Technology Co., Ltd. , https://www.essenvape.com