Home / Tech News / Biggest DDoS attack on record hits Github

Biggest DDoS attack on record hits Github

A new way to amplify distributed denial-of-service attacks ended up harassing Github on Wednesday. The ensuing DDoS attack generated a flood of internet traffic that peaked at 1.35 Terabits per second, making it the largest on record.

Fortunately, the software development site survived the disruption and was only down for few minutes, Github said on Thursday. Akamai, a DDoS protection provider, managed to fend off the assault.

The bad news? The Github attack may be an omen of things to come. The IT infrastructure that powered Wednesday’s assault is apparently ripe for abuse. “It is highly likely that this record attack will not be the biggest for long,” Akamai warned in a blog post.


More From PCmag

The last time the world saw a 1 Terabit DDoS attack was in 2016. The Mirai botnet, an army of infected computers, managed to bombarded a cloud provider in France with 1.1 Tbps in traffic.

Powering the attacks was how the Mirai botnet had infected tens of thousands of vulnerable IoT devices to generate the internet traffic. However, Wednesday’s attack on Github was different. It didn’t rely on any botnet. The assault actually leveraged what’s known as a “memcache server,” which is usually hooked up to a data center.

As the name suggests, these servers are designed to cache data and speed up web applications and internet sites. However, that same technology can be used to amplify certain internet traffic by up to 51,000 times, according to Cloudflare, another DDoS protection provider.

This can be done when a memcache server spoofs the IP address of an actual website, like Github. The servers can then mistakenly send a flood of data to the victim website, overwhelming it with traffic and taking it offline.


It doesn’t help that many of the memcached servers are running on the open internet. Akamai has noticed over 50,000 vulnerable systems across the globe —making them potential assets hackers can use in DDoS attack schemes.

Last November, Chinese security researchers warned about the potential threat, which is now real. In the past week, both Cloudflare and Akamai have been noticing a wave attacks powered by the memcached servers, but the GitHub assault appears to be the largest so far.

To stop the abuse, DDoS providers like Cloudflare are urging the owners of memcached servers to firewall them or disable part of their functionality.

This article originally appeared on PCMag.com.

About Sandeep Sitoke

I am Sandeep Sitoke SEO & SMO Expert. I have more than 4 years of experience in this field. I love reading and exploring new things every day.

Check Also

nc efi placeholder 310x165 - Lion with luscious head of hair becomes viral sensation

Lion with luscious head of hair becomes viral sensation

Male lions typically begin to get manes beginning across the age of 1 or two, …

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: