NS1 which is onne of the leading DNS providers in the world have revealed that their servers have been facing massive distributed denial of service (DDoS) attacks for last two weeks. “The attack started small in the beginning, but as time passed it became intense and also varied the methods through which it bombarded the service’s infrastructure”, according to NS1.
According to the CEO, Kris Beevers of NS1 , the company’s Managed DNS network came under a series of DDoS attacks above 20-30 Gbps, with most above 10-20M packets per sec (pps). The attack was not on the customers but on NS1 infrastructure as attackers also DDoSed the hosting provider of ns1.com website. However, during the past week things were very weird with attackers combining different tactics such as high volume DDoS traffic, malicious direct DNS queries, random label attacks, and malformed packet attacks.
Currently the company does not have any clues as to who may be behind this attack and says the attack is raging strong. “Patterns observed in the direct DNS attack traffic indicated the attacker had advanced knowledge of NS1’s customers, likely obtained by controlling compromised DNS resolvers operated by one or more ISPs, and was targeting the platform broadly, not attempting to bring down any individual customer”, Beevers explained.
For now, NS1 has successfully pulled off the attack traffic though Beevers refrained from going into more details.
Well, this has been an un-fun 24h. Proud of our team’s creativity, scrappiness, endurance. We’ll come out stronger than ever. <3 @nsoneinc
— Kris Beevers (@beevek) May 17, 2016