A distributed denial of service attack against Dyn, the dynamic DNS service, affected the availability of dozens of major websites and Internet services this morning, including Twitter and Reddit. The attack,
which began this morning at 7:10am Eastern Time (12:10pm UK), is apparently focused on Dyn’s US East Coast name servers.
"This morning, Dyn received a global DDoS attack on our Managed DNS infrastructure in the east coast of the United States,” Doug Madory, Director of Internet Analysis at Dyn, said in an e-mail sent to Ars this morning. "DNS traffic resolved from east coast name server locations are experiencing a service interruption during this time.” By 9:20am ET this morning, Dyn had mitigated the attack and services returned to normal.
[Update, 1:20 PM ET] Less than three hours later, the attack began again, and is still in progress.
"As of 15:52 UTC, we have begun monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure," a Dyn spokesperson reported through the company's status page. "Our Engineers are continuing to work on mitigating this issue.This DDoS attack may also be impacting Dyn Managed DNS advanced services with possible delays in monitoring."
Some aspects of Twitter appear to be affected by the latest round, as is the personal website provider Wix.com. The first wave of the attack increased the response time to DNS queries and in some cases delayed the propagation of some address changes. This also meant that some websites and mobile applications, such as Twitter, experienced intermittent outages.
see also