Hackers exploit huge internet flaw to launch DOS attacks
The bug converts URLs into IP addresses, hammering a server with traffic to bring it down
A critical flaw in the internet's code is allowing hackers to launch denial-of-service (DOS) attacks to take services offline.
The bug works by converting URLs into IP addresses by crashing the Bind DNS software used by the majority of internet servers.
Bind comes bundled with almost every cPanel, VPS and dedicated server installation and is used by most DNS providers, so the damage it could cause is pretty widespread. When Bind crashes, the DNS service is taken offline and this in turn, stops URLs working.
Although a patch for Bind is available on most Linux-based systems to prevent hackers bringing down the software, it hasn't been fully applied to all internet servers as yet.
The people behind Bind, the Internet Systems Consortium (ISC), said on Twitter: "[The] BIND vulnerability published today is particularly critical. Broadly applicable, easily exploited. Must patch."
Daniel Cid, a networking expert at Sucuri, has written a blog explaining how the bug works and the damage it could cause, which, because Bind is so common, is potentially massive.
He wrote: "Because of its severity we've been actively monitoring to see when the exploit would be live. We can confirm that the attacks have begun. DNS is one of the most critical parts of the Internet infrastructure, so having your DNS go down also means your email, HTTP and all other services will be unavailable."
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
He told the BBC: "A few of our clients, in different industries, had their DNS servers crashed because of it. Based on our experience, server software, like Bind, Apache, OpenSSL and others, do not get patched as often as they should."
Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.
Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.
As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.