Memcached Flaw Kill Switch Could Foil DDoS-ers

Researchers claim to have discovered a way of mitigating a vulnerability in Memcached servers which is responsible for two of the biggest DDoS attacks ever recorded. Corero Network Security said it has disclosed the new “kill switch” to the authorities in a bid to lock down the flaw worldwide and prevent more damaging attacks. The Memcached open source memory caching system is found on over 95,000 servers worldwide, where it caches frequently used web pages to boost access times and performance. However, it was never meant to be internet accessible, so is not protected by any authentication mechanism. This means hackers can generate spoof requests to amplify DDoS attacks by up to 50,000 times, according to Corero. This led to a 1.35Tbps attack on GitHub last week and an even bigger one of 1.7Tbps on an unnamed US service provider which Arbor claims to have defended against.