TechBizWebTechBizWeb

    Subscribe to Updates

    Get the latest news about Technology and Business from all around the web..

    What's Hot

    Crypto hedge fund Three Arrows files for bankruptcy

    July 2, 2022

    There’s a better way to bypass Windows 11 install restrictions

    July 2, 2022

    Biden administration floats new oil leasing plan in Gulf of Mexico

    July 1, 2022
    Facebook Twitter Instagram
    • About Us
    • Privacy Policy
    • Guest Post
    • Terms
    • Contact
    Facebook Twitter Instagram
    TechBizWebTechBizWeb
    Subscribe
    • Home
    • Technology

      There’s a better way to bypass Windows 11 install restrictions

      July 2, 2022

      What is the best controller for Xbox consoles?

      July 1, 2022

      The GPU shortage is over

      July 1, 2022

      Google will start auto-deleting abortion clinic visits from user location history

      July 1, 2022

      The government’s going after alleged crypto scammers as market crashes

      July 1, 2022
    • Business
    • Cyber Security

      Tips to bolster cybersecurity, incident response this 4th of July weekend

      July 1, 2022

      Jon Raper named CISO at Costco

      July 1, 2022

      2022 RSAC takeaways: Risk management vs compliance

      July 1, 2022

      3 security lessons we haven’t learned from the Kaseya breach

      July 1, 2022

      Auston Davis named CISO at Versant Health

      June 30, 2022
    • Blockchain
    • Vulnerabilities
    • Social Engineering
    • Malware
    • Cyber Security Alerts
    TechBizWebTechBizWeb
    Home»Cyber Security»Attackers Use CoAP for DDoS Amplification
    Cyber Security

    Attackers Use CoAP for DDoS Amplification

    February 4, 2019Updated:February 4, 2019No Comments3 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp
    Share
    Facebook Twitter LinkedIn Pinterest Email


    Attackers recently started abusing the Constrained Application Protocol (CoAP) for the reflection/amplification of distributed denial of service (DDoS) attacks, NETSCOUT warns. 

    CoAP is a simple UDP protocol designed for low-power computers on unreliable networks that appears similar to HTTP, but which operates over UDP (User Datagram Protocol) port 5683. The protocol is mainly used by mobile phones in China, but is also present in Internet of Things (IoT) devices.

    A DDoS attack leveraging CoAP begins with scans for devices that can be abused, and continues with a flood of packets spoofed with the source address of their target. At the moment, the attackers appear to have only basic knowledge of the protocol, but attacks could become more sophisticated.

    According to NETSCOUT’s security researchers, the scanning for the CoAP protocol has been constant, with almost all GET requests for “/.well-known/core”. In January 2019, however, the researchers noticed a spike in the number of DDoS attacks leveraging the protocol. 

    The average amplification factor for CoAP is 34 and the vast majority of Internet-accessible CoAP devices reside in China and utilize a mobile peer-to-peer network, the researchers reveal. With CoAP devices transient by nature and their addresses changing within weeks, attackers need to continually rescan to find IPs to abuse. 

    Even so, it is possible for a threat actor to build a list of IPs that respond to CoAP, and then abuse these devices to continually send a flood of packets with a spoofed source address of the intended target, NETSCOUT says. 

    The DDoS attacks leveraging CoAP hit targets “geographically and logically well distributed, with little commonality between them.” The attacks last on average just over 90 seconds and feature around 100 packets per second.

    The security researchers found 388,344 CoAP devices on the Internet, with 81% of them located in China, but also some discovered in Brazil, Morocco, South Korea, and the United States. Most of the devices in China responded to /.well-known/core with a QLC Chain response (a peer-to-peer network). 

    Given that the IP address of CoAP devices will change often, the vast majority of devices would have a different IP address within two weeks. This means that CoAP is less efficient in organizing DDoS attacks compared to SSDP, which boasts a similar amplification factor (but devices don’t move on the network as often). 

    Although there are around 12 times as many SSDP devices accessible on the Internet compared to CoAP, attackers still decided to add the CoAP reflection/amplification DDoS vector to their arsenal, meaning that the protocol is likely to continue being abused in attacks. 

    “With the vast majority of CoAP devices being located in China and running QLC Chain, it appears that the currently-abusable CoAP reflectors/amplifiers are part of a limited-scope software monoculture that will likely change as CoAP grows in popularity. The initial wave of attacks utilizes well known behavior of the protocol but there are other features, perhaps not as widely implemented, that could make CoAP even more effective,” NETSCOUT concludes. 

    Related: Authorities Track Down Users of DDoS Services

    Related: U.S. Authorities Take Down 15 DDoS-for-Hire Websites

    view counter

    Ionut Arghire is an international correspondent for SecurityWeek.

    Previous Columns by Ionut Arghire:
    Tags:



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Tips to bolster cybersecurity, incident response this 4th of July weekend

    July 1, 2022 Cyber Security

    Jon Raper named CISO at Costco

    July 1, 2022 Cyber Security

    2022 RSAC takeaways: Risk management vs compliance

    July 1, 2022 Cyber Security

    3 security lessons we haven’t learned from the Kaseya breach

    July 1, 2022 Cyber Security

    Auston Davis named CISO at Versant Health

    June 30, 2022 Cyber Security

    Lessons learned from slew of recent data breaches

    June 30, 2022 Cyber Security
    Editors Picks

    There’s a better way to bypass Windows 11 install restrictions

    July 2, 2022

    Biden administration floats new oil leasing plan in Gulf of Mexico

    July 1, 2022

    What is the best controller for Xbox consoles?

    July 1, 2022

    Klarna valuation crashes to $6.5bn from $46bn

    July 1, 2022
    Trending Now

    Mexico presses ahead with multibillion-dollar bet on fossil fuels

    By techbizweb

    Sprint’s network has been officially retired

    By techbizweb

    TikTok says it is working to ‘safeguard’ US data and national security

    By techbizweb

    https://www.nationalsportsacademy.com

    slot gacor hari ini

    http://www.inadesfo.org/

    http://www.eueomgbissau.org/

    http://www.congo-mai-mai.net/

    http://www.angelesdelafrontera.org/

    http://fifaworldcup2018schedule.com/

    http://tony4gtrmcr.co.uk/

    http://www.standrewsagreement.org/

    http://www.bob-russell.co.uk/

    http://davidmulholland.co.uk/

    http://railwayhotelenniskillen.com/

    http://www.fantasysportstrades.com/

    http://www.rainleaf-flooring.com

    http://mothersagainstguns.org/

    http://ma-coc.org/

    slot online

    http://www.paradoxmag.com/situs-judi-slot-online-gampang-menang-2021/

    http://www.paradoxmag.com/situs-judi-slot-online-terbaru-2021/

    http://slot-terbaru.net/

    Slot Gacor

    Slot Online

    Situs Slot Gacor

    http://www.appdexterity.com/

    https://cars4kids-deutschland.de/

    https://www.stretchingculture.com/

    https://www.b-123-hp.com/slot-gacor/

    https://denzstaffing.nl/

    https://ezbbqcooking.com/slot-gacor/

    https://www.mbahelp24.com/slot-gacor

    https://minhtanstore.com/slot-jackpot-terbesar/

    https://njbpusupplierdiversity.com/slot-gacor-gampang-menang/

    https://www.floridaspecialtycropfoundation.org/slot-gampang-menang/

    https://childrenscornerpreschool.org/slot-gacor-gampang-menang/

    https://cryptoquoter.com/slot-online-terbaik/

    https://alorkantho24.com/slot-gacor/

    https://ellas.xyz/slot-gacor/

    https://it.dougamatome.xyz/slot-online/

    https://www.daltercume.com/slot-gacor/

    https://josi-ana.dougamatome.xyz/slot88/

    https://josi-ana.dougamatome.xyz/slot-gacor/

    https://fastobserver.com/slot-jackpot-terbesar/

    https://www.planetexperts.com/slot-gacor/

    https://bfsolution.group/slot-bet-kecil/

    https://rustleva.co/slot/

    https://bfsolution.group/slot-bet-kecil/

    https://www.hotelcalimareal.com/togel-online/

    https://anime-game.dougamatome.xyz/slot-gacor-gampang-menang/

    https://anime-game.dougamatome.xyz/togel-online/

    https://bourbonbarrelfoods.com/slot/

    http://suneo39.wp.xdomain.jp/slot/

    https://techbizweb.com/slot-gacor/

    https://www.generalcatalyst.com/18-daftar-slot-gacor-terbaik-gampang-menang-jackpot-hari-ini/

    https://www.hotelcalimareal.com/slot-online/

    https://www.blockgates.io/slot-gacor/

    https://l12.com.br/slot-gacor/

    slot paling gacor

    https://www.donalds-hobby.com/slot-online/

    https://thecryptodirt.com/slot-gacor-hari-ini/

    http://iseta.edu.ar/aulavirtual/app/upload/users/1/1205/my_files/sbobet.html

    http://escuelavirtual.mincit.gov.co/app/upload/users/1/194/my_files/slot.html

    https://www.dev.medecinesfax.org/courses/JUDICASINO/document/slot.html

    http://www.e-archivos.org/cursos/courses/JUDICASINO/document/slot-gacor.html

    http://iesma.com.br/ead/main/upload/users/4/447/my_files/slot.html

    https://www.fundacoop.org/chamilo/app/upload/users/1/1185/my_files/slot.html

    https://fata-aatf.org/eskola/main/upload/users/3/31/my_files/slot.html

    https://uancv.edu.pe/ofinvestigacion/app/upload/users/3/328/my_files/slot-terlengkap.html

    https://micost.edu.my/EL/app/upload/users/2/209/my_files/slot-gacor.html

    https://www.academiacoderdojo.ro/elearningdev/app/upload/users/2/2442/my_files/slot-online.html

    http://campus-cidci.ulg.ac.be/courses/JUDICASINO/document/slot-termurah.html

    https://www.escueladerobotica.misiones.gob.ar/aula-ste/courses/LIVECASINO/document/slot-tergacor.html

    http://ccdipeepccqqfar.usac.edu.gt/chamilo/app/upload/users/3/358/my_files/slot-online.html

    https://cunori.edu.gt/campus/app/upload/users/7/7334/my_files/slot-online.html

    http://u-rus.com.ar/aula/app/upload/users/1/1322/my_files/slot.html

    http://icrodarisoveria.edu.it/chamilo/app/upload/users/1/1855/my_files/slot.html

    https://iestpliliagutierrez.edu.pe/clarolgm/courses/CASINO/document/slot.html

    http://pva.cobach.edu.mx/app/upload/users/7/7379/my_files/slot.html

    http://www.imb-pc-online.edu.gt/PL/app/upload/users/3/373/my_files/slot.html

    http://avcs.upeu.edu.pe/main/upload/users/3333/my_files/slot.html

    https://chamilo.fca.uas.edu.mx/app/upload/users/1/11186/my_files/slot-online/

    TechBizWeb
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • Guest Post
    • About Us
    • Privacy Policy
    • Our Authors
    • Terms and Conditions
    • Contact
    © 2022 Tech Biz Web. Developed by Sawah Dev.

    Type above and press Enter to search. Press Esc to cancel.