Distributed malware attacks Dyn DNS, takes down websites in US

October 24, 2016

On Friday, a network of diverse -connected devices targeted the domain registration service provider. It took down Dyn clients, including several popular websites such as, , , , ', and '.

The attack involved targeting Dyn's servers with a large volume of requests, rendering it incapable of serving replies to legitimate requests &mdash; a DDoS (distributed denial of service) attack. Users' browsers and other clients sent requests to Dyn to resolve the respective web sites' domain names to an IP, but did not get a reply within the time required.

The first attack started at about 7am local time and was resolved in two hours. A second attack started at mid-day, and a third attack started at about 4pm local time. Tens of millions of malicious request sources were observed, interfering with legitimate Dyn traffic.

The reports noted the malicious devices included internet-connected devices — not only servers and desktops, but also s,, s — referred to as the.

On Friday evening Dyn said a security company and a cloud services provider Akamai identified symptoms of malware  participating in the attacks. The malware infects the devices by brute forcing their passwords. This strategy may work as a consequence of users' negligence towards password security of stationary devices, which the users do not directly interact with in their everyday life while leaving them exposed to the Internet.

Matthew Prince, the CEO of an Internet infrastructure company said it's a known issue, "There's nothing really new about [this type of DDoS attack]. We've seen them for at least the last three years, they tend to be difficult to stop".

Public release of Mirai source code was announced at Hackforums on September 30.

Dyn's corporate headquarters are in.