DynDNS Hit by Attack, Several Websites Go Down

The DynDNS IT service suffered a major DDoS attack on Friday 21 October. This affected a large number of well-known and widely used websites. Among them, notable names include Amazon, Netflix, Twitter, Spotify, Reddit, PayPal, and many others.
The attack was so massive that it even spread beyond the United States.

You may have noticed: last Friday, something was wrong on the internet. For 11 hours, several web services used extensively by the public were unavailable.

Websites brought down by a denial-of-service attack

The cause was what is known as a denial-of-service attack (DDoS — Denial of Service Attack) on the DynDNS servers.
This service is known for enabling the resolution of URL addresses to a dynamic IP address. The attack thereby prevented this DNS resolution from taking place.
The result was an outage affecting the impacted sites and services.
This may have affected your own website, if you use any of the services mentioned — such as PayPal.

A three-stage attack

The attack unfolded in 3 stages, carried out from a network of remotely controlled devices consisting of connected objects (routers, IP cameras, etc.) infected by the Iot Mirai virus — already responsible for an attack on the hosting provider OVH the previous month.
The first attack caused the affected sites to become unavailable in the eastern United States.
A second attack extended the problem to the rest of the United States and to Europe.
The third attack was thwarted by measures taken by Dyn and its partners.