High Load DDoS Attack - Blog2020-02-01
This might just be another botnet looking to gather more followers into the herd, or it might be a directed attack against SIXTEENmm.
- There's about 10,000 requests/second hitting HTTP endpoints
- Most attacks are trying to hit the search page with a payload.
- Somebody seems to believe there's an RCE in our search engine. We cannot currently confirm that, even using the series of attacks that are hitting.
- There is no reason to believe there is an RCE. This attack seems to be searching for one.
- Attacks are coming from three different VPS groups.
Timeline of events:
- 7:15PM - Attack begins
- 7:18PM - Server alarm goes off and investigation begins
- 7:38PM - Attack reaches 10,000 requests/second
- 8:24PM - Server restarted
- Search locked to users only
- Search memory usage reduced
- 8:38PM - VPS providers notified
- 9:11PM - Attack seems to have stopped
- 2020-06-26 Gunsmith Hits HD
- 2020-06-11 Creating Something From Nothing
- 2020-03-18 Filmscope Progress
- 2020-03-10 2019 Releases
- 2020-03-05 Downtime Postmortem
- 2020-02-12 Temporary Signup Problems
- 2020-02-12 Statistics
- 2020-02-01 Search Regression
- 2020-02-01 High Load DDoS Attack
- 2020-01-30 The Phantom reCreeps
- 2020-01-25 Simple is Best
- 2020-01-06 New Features
- 2020-01-04 Displaying Credit
- 2019-12-29 Performance Enhancements
- 2019-12-18 Experimental Rendering
- 2019-12-10 MPV Support
- 2019-12-03 Introducing Filmscope
- 2019-11-21 DDoS Attack
- 2019-11-20 Security Report
- 2019-11-20 Report
- 2019-10-21 The World of Preservation
- 2019-10-15 Endless Battle For Quality
- 2019-10-06 Giving Back
- 2019-10-02 What's in a Cookie?
- 2019-10-01 PGP
- 2019-09-28 SIXTEENmm