Sunday, April 11, 2021
  • Bitcoin
  • About
  • Trusted Links
  • Advertise
  • Careers
  • Donate
  • Contact
Hacking tools on all platforms
No Result
View All Result
  • The Hacker News
  • Tools9
  • Tutorial
  • Video
  • Blog
  • Donate Us
Hacking tools on all platforms
Home Blog
Cybercriminals Now Using Plex Media Servers to Amplify DDoS Attacks

Cybercriminals Now Using Plex Media Servers to Amplify DDoS Attacks

Nhan Nguyen by Nhan Nguyen
in Blog
Reading Time: 4min read
0
0
SHARES
51
VIEWS
Share on FacebookShare on Twitter

Related posts

Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

02/25/2021
2.7k
Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique

Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique

02/24/2021
2.5k
Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

02/24/2021
2.7k
Everything You Need to Know About Evolving Threat of Ransomware

Everything You Need to Know About Evolving Threat of Ransomware

02/24/2021
2.7k

Cybercriminals Now Using Plex Media Servers to Amplify DDoS Attacks

Cybercriminals Now Using Plex Media Servers to Amplify DDoS Attacks

A new distributed denial-of-service attack (DDoS) vector has ensnared Plex Media Server systems to amplify malicious traffic against targets to take them offline.

“Plex’s startup processes unintentionally expose a Plex UPnP-enabled service registration responder to the general Internet, where it can be abused to generate reflection/amplification DDoS attacks,” Netscout researchers said in a Thursday alert.

Plex Media Server is a personal media library and streaming system that runs on modern Windows, macOS, and Linux operating systems, as well as variants customized for special-purpose platforms such as network-attached storage (NAS) devices and digital media players. The desktop application organizes video, audio, and photos from a user’s library and from online services, allowing access to and stream the contents to other compatible devices.

password auditor

DDoS attacks typically involve flooding a legitimate target with junk network traffic that comes from a large number of devices that have been corralled into a botnet, effectively causing bandwidth exhaustion and leading to significant service disruptions.

A DDoS amplification attack occurs when an attacker sends a number of specially-crafted requests to a third-party server that causes the server to respond with large responses to a victim. This is done by spoofing the source IP address to appear as if they are the victim instead of the attacker, resulting in traffic that overwhelms victim resources.

Thus when the third parties respond to the attacker’s request, the replies are routed to the server being targeted rather than the attacker device that sent the request.

Now according to Netscout, DDoS-for-hire services are weaponizing Plex Media Servers to beef up their attack infrastructure, providing an average amplification factor of about 4.68.

Plex makes use of Simple Service Discovery Protocol (SSDP) to scan other media devices and streaming clients, but this gives way to a problem when the probe locates an SSDP-enabled broadband internet access router, and in the process, exposes the Plex service registration responder directly on the Internet on UDP port 32414.

Making matters worse, the cybersecurity firm said it identified about 27,000 abusable servers on the Internet to date.

“The collateral impact of PMSSDP reflection/amplification attacks is potentially significant for broadband Internet access operators whose customers have inadvertently exposed PMSSDP reflectors/amplifiers to the Internet,” Netscout researchers Roland Dobbins and Steinthor Bjarnason said.

“This may include partial or full interruption of end-customer broadband internet access, as well as additional service disruption due to access/distribution/aggregation/core/peering/transit link capacity consumption.”

Netscout recommends network operators to filter traffic directed towards UDP/32414 and disable SSDP on operator-supplied broadband internet access equipment to mitigate the attack.

The development comes after Netscout, earlier this month, reported that Windows Remote Desktop Protocol (RDP) servers are being abused by DDoS-for-hire services as a reflection/amplification DDoS vector.

Hacking Tools by Novero Lotus with hashtags #Cybercriminals #Plex #Media #Servers #Amplify #DDoS #Attacks

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securityNetwork Securityransomware malwaresoftware vulnerabilitythe hacker news
ShareTweet

Related Posts

Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack
Blog

Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

by Nhan Nguyen
02/25/2021
2.7k
Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique
Blog

Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique

by Nhan Nguyen
02/24/2021
2.5k
Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks
Blog

Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

by Nhan Nguyen
02/24/2021
2.7k
Everything You Need to Know About Evolving Threat of Ransomware
Blog

Everything You Need to Know About Evolving Threat of Ransomware

by Nhan Nguyen
02/24/2021
2.7k
Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now
Blog

Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now

by Nhan Nguyen
02/24/2021
1.6k
Experts Find a Way to Learn What You’re Typing During Video Calls
Blog

Experts Find a Way to Learn What You’re Typing During Video Calls

by Nhan Nguyen
02/23/2021
1.5k
Load More
Next Post
WARNING — Hugely Popular ‘The Great Suspender’ Chrome Extension Contains Malware

WARNING — Hugely Popular 'The Great Suspender' Chrome Extension Contains Malware

0 0 vote
Article Rating
Subscribe
Connect with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Notify of
guest
Connect with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
guest
0 Comments
Inline Feedbacks
View all comments

New Posts Updated

Intro YouTube Nhan Nguyen Channel

Intro YouTube Nhan Nguyen Channel

1 month ago
8.8k
Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

2 months ago
2.7k
Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique

Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique

2 months ago
2.5k
Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

2 months ago
2.7k
Everything You Need to Know About Evolving Threat of Ransomware

Everything You Need to Know About Evolving Threat of Ransomware

2 months ago
2.7k

BROWSE BY CATEGORIES

  • Blog
  • Dark Web
  • Downloads
  • Envato Free
  • Hacking Tools
  • Plugins
  • Social Network
  • Themes & Templates
  • Tools Free
  • Tools Free
  • Tutorial
  • Video

BROWSE BY TOPICS

AI Buidl computer security Counterfeited Money Credit Cards cyber attacks cyber news cyber security news cyber security news today cyber security updates cyber updates Dark Web data breach Deep Web Digital Virtual Hacker hacker news Hackers Hacking hacking news Hacking Tools how to hack information security Learn Python Linux Network Security PayPal Accounts Python Python Basic ransomware malware software vulnerability the hacker news Theme Blog / Magazine Theme Corporate Theme Creative Theme eCommerce Theme Free Theme Null Theme Real Estate Theme Wordpress Tool Tools Tor Tor Project’s Windows

Ads




POPULAR NEWS

  • Intro YouTube Nhan Nguyen Channel

    Intro YouTube Nhan Nguyen Channel

    0 shares
    Share 0 Tweet 0
  • Trusted Links on Dark Web update 2021

    3826 shares
    Share 0 Tweet 0
  • Hack Facebook Password 2021 100% Success in 2 minutes

    5712 shares
    Share 0 Tweet 0
  • Dark Web Scam Vendors & Markets List

    6714 shares
    Share 0 Tweet 0
  • Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

    0 shares
    Share 0 Tweet 0
  • Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

    0 shares
    Share 0 Tweet 0
  • Everything You Need to Know About Evolving Threat of Ransomware

    0 shares
    Share 0 Tweet 0
  • Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique

    0 shares
    Share 0 Tweet 0
  • The truth about the dark web fraud trade

    37 shares
    Share 0 Tweet 0
  • VmWare Tutorials

    53 shares
    Share 0 Tweet 0
  • Bitcoin
  • About
  • Trusted Links
  • Advertise
  • Careers
  • Donate
  • Contact

TM + © 2013 - 2021 Hacking Tools Online Platforms .

No Result
View All Result
  • The Hacker News
  • Bitcoin
  • Tools
    • Hacking Tools
    • Ecommerce
    • Social Network
    • Tools Free
  • Downloads
    • Software
    • Tools Free
    • Mobile Apps
    • Scripts
    • Envato Free
    • Plugins
    • Themes & Templates
    • Free Online Courses
  • Tutorial
  • Video
  • Dark Web
  • Blog
  • Donate Us
  • Contact Us

TM + © 2013 - 2021 Hacking Tools Online Platforms .

0
0
Would love your thoughts, please comment.x
()
x
| Reply