Wednesday, August 27, 2014

Massive DDoS attacks from Facebook datacenters

The issue was first reported by Teofil Cojocariu, a researcher with the Cyber Security Research Center from Romania (CCSIR), in June, when Facebook added a new feature allowing administrators to refresh the content of attachments. Cojocariu created an exploit that can cause DDoS attacks through Facebook datacenters. After Facebook fixed the issue, the impact on smaller websites, especially those with limited bandwidth, could be more devastating. Larger companies are no longer vulnerable to this after getting the patch. First, the intruder looks for a large image on the vulnerable server/website and publishes that image link on a Facebook page with the "Only Me" privacy parameter. Then the attacker uses the "Refresh share attachment" feature, which refreshes the attachment, and captures the request. Forcing the server to request the same file can cause huge traffic.
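On the receiving site, the pattern described above shows up in the access log as the same large file being fetched over and over by Facebook's fetcher. The following detection sketch is an added example, not code from the original post or from the researcher. It assumes Apache/nginx combined log format, the `facebookexternalhit` user-agent substring, chronologically ordered lines, and arbitrary thresholds; the log lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Combined Log Format: ip - - [time] "METHOD path proto" status bytes "referer" "user-agent"
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-) "[^"]*" "(?P<ua>[^"]*)"'
)
CRAWLER_UA = "facebookexternalhit"  # assumption: UA substring sent by Facebook's fetcher

def find_refetch_floods(lines, window_s=60, max_hits=5):
    """Return {path: (peak_hits_in_window, total_bytes)} for every file the
    crawler fetched more than max_hits times within window_s seconds.
    Lines are assumed to be in chronological order."""
    recent = defaultdict(deque)   # path -> timestamps still inside the window
    peak = defaultdict(int)       # path -> highest hit count seen in any window
    sent = defaultdict(int)       # path -> bytes served to the crawler overall
    for line in lines:
        m = LINE_RE.match(line)
        if not m or CRAWLER_UA not in m["ua"].lower():
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        path = m["path"].split("?", 1)[0]   # count per file, ignoring any query string
        q = recent[path]
        q.append(ts)
        while ts - q[0] > timedelta(seconds=window_s):
            q.popleft()
        peak[path] = max(peak[path], len(q))
        sent[path] += 0 if m["bytes"] == "-" else int(m["bytes"])
    return {p: (peak[p], sent[p]) for p in peak if peak[p] > max_hits}

def _sample():
    """Constructed log lines (documentation IP range), not real traffic."""
    ua = "facebookexternalhit/1.1 (+http://www.facebook.com/externalhit_uatext.php)"
    fmt = ('192.0.2.{n} - - [27/Aug/2014:10:00:{s:02d} +0000] '
           '"GET {p} HTTP/1.1" 200 {b} "-" "{ua}"')
    flood = [fmt.format(n=10 + i, s=i, p="/img/banner-large.jpg", b=5242880, ua=ua)
             for i in range(8)]
    other = [fmt.format(n=20, s=30, p="/index.html", b=4096, ua=ua),
             fmt.format(n=30, s=31, p="/img/banner-large.jpg", b=5242880, ua="Mozilla/5.0")]
    return flood + other

SAMPLE = _sample()

if __name__ == "__main__":
    for path, (hits, nbytes) in find_refetch_floods(SAMPLE).items():
        print(f"{path}: {hits} crawler fetches in window, {nbytes} bytes served")
```

A flagged path is a candidate for caching at the edge or for per-user-agent rate limiting on that resource.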
