IMDB victim of denial-of-service attack

Attack coincides with Amazon's outage and could be related to the online retailer's problems, a security researcher says.

On Friday, Internet movie database IMDB fell victim to a sustained distributed denial-of-service (DDoS) attack that coincided with Amazon.com being offline , says one researcher.

Soups Ranjan, a senior member of the technical staff of network protection and management company Narus, said in a blog that he found evidence that at least one of the IP addresses used by IMDB fell under a sustained DDoS attack between 10:30 a.m. and 1:30 p.m. PDT Friday.

"My attempt to load the IMDB page via a direct connection to the Web server under attack (http://72.21.206.70/) doesn't load the images at all. It becomes interesting when you realize that IMDB seems to be hosted using Amazon Web Service (AWS) since this IP-address is registered as belonging to Amazon."

Ranjan noted that the duration of the attack on IMDB coincided with the amount of time that Amazon was offline on Friday.

He also provided some details, saying that "the attacker seemed to open multiple connections with the IMDB's Web server (port 80) while incrementing his source port for every new connection. The attack's average rate was 3Mbits/sec, certainly not large enough to cause a complete meltdown but probably good enough to delay the legit users. However, there might have been other attacks launched at the same time on IMDB which weren't in the path of our probes."

Tags:
Security
About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

     

    Join the discussion

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    HOT ON CNET

    iPhone running slow?

    Here are some quick fixes for some of the most common problem in iOS 7.