LinkedIn Outage Origined by DDOS Attack on Network Solutions
The outage suffered by LinkedIn on Wednesday was caused by an issue with DNS servers. Cybercriminals were not directly accountable for the LinkedIn downtime, but they indirectly played a part.
Security researchers from Cisco have been monitoring the events and they found that a number of organizations with domain names registered with Network Solutions had problems similar to LinkedIn.
“Their DNS nameservers were replaced with nameservers at ztomy.com. The nameservers at ztomy.com were configured to reply to DNS requests for the affected domains with IP addresses in the range 126.96.36.199/24,” Cisco’s Jaeson Schultz explained in a blog post.
“Cisco observed a large number of requests directed at these confluence-network IP addresses. Nearly 5000 domains may have been affected based on passive DNS data for those IPs.”
But what caused the name servers to be replaced?
According to Network Solutions, they were hit by a distributed denial-of-service (DDOS) attack on Wednesday night.
“In the process of resolving a Distributed Denial of Service (DDoS) incident on Wednesday night, the websites of a small number of Network Solutions customers were inadvertently affected for up to several hours,” Network Solutions stated.
They reassure customers that no data has been compromised as a result of the incident.
So, as Cisco highlights, the issues experienced by LinkedIn and others are the result of both malicious activity and misconfiguration.
Chat With Our System Analyst To Remove All Kinds Of Threats And Get Online Technical Support.