Warning: INSERT command denied to user 'dbo292345962'@'74.208.59.105' for table 'watchdog' query: INSERT INTO watchdog (uid, type, message, variables, severity, link, location, referer, hostname, timestamp) VALUES (0, 'php', '%message in %file on line %line.', 'a:4:{s:6:\"%error\";s:12:\"user warning\";s:8:\"%message\";s:400:\"INSERT command denied to user 'dbo292345962'@'74.208.59.105' for table 'captcha_sessions'\nquery: INSERT into captcha_sessions (uid, sid, ip_address, timestamp, form_id, solution, status, attempts) VALUES (0, 'd5c3b01e3ea92f0c59dce843f91a5225', '3.233.226.151', 1573511565, 'comment_form', 'dbd5d0d15d0ee8d4e70836f22586a598', 0, 0)\";s:5:\"%file\";s:62:\"/homepages/25/d199835659/htdocs/ID/modules/captcha/captcha.inc\";s:5:\"%line\";i:99;}& in /homepages/25/d199835659/htdocs/ID/includes/database.mysql.inc on line 135
DDoS Hack on Twitter and Facebook | Inferno Development

DDoS Hack on Twitter and Facebook

DDoS Hacked

Twitter and Facebook were targeted by hackers today in a powerful DDoS attack similar to those against government sites in July 2009. Twitter was down for quite a few hours and as a result, the United States was actually doing real serious work at their jobs today.

DDoS (Distributed denial of service attack) is basically a system in which a hacker uses multiple sources to overload web servers with so many requests that the servers cannot handle them all.

The hackers must use botnets (trojan/worm infected computers across the web, who are unknowingly aiding the hackers) to send commands to many infected computers in order to send requests to twitter or facebook servers, sometimes using multiple threads.

Most likely, an attack of this scale is done from outside of the US in order to avoid being caught (although it is also possible for malware creators to spread their malware undetected).

Twitter CEO Biz Stone put up a message on their official Twitter blog today explaining what happened:

Quote:

On this otherwise happy Thursday morning, Twitter is the target of a denial of service attack. Attacks such as this are malicious efforts orchestrated to disrupt and make unavailable services such as online banks, credit card payment gateways, and in this case, Twitter for intended customers or users. We are defending against this attack now and will continue to update our status blog as we continue to defend and later investigate.

Facebook has not commented, though their services were not as badly injured.

Most servers place restrictions on requests, limiting the rate at which requests can be made. In fact, twitter has rate limiting for their Twitter API, looking up HTTP responses from twitter you can see your own account's rate limit X-RateLimit-Limit--Twitter most likely had very strong protections against DDoS attacks but still--It was most likely a very powerful attack to bring down those massive twitter servers.

To those web developers worried about DDoS attacks on your website, try to use rate limiting in your code, or track the number of visitors that have come to your site in the last few minutes, if it goes over a certain number, block access to certain resource-intensive areas of your site (usually code that is very high in SQL queries).

Update:
Facebook Executives believe that a Georgian blogger named Cyxymu had accounts on twitter, facebook, and google blogger and was targeted by Russian hackers to silence his opinions. Seems like a lot of effort to bring down one guy--dissent must not exist!

Tomescu Alin's picture

So that's why I couldn't

So that's why I couldn't retweet stuff a couple of hours ago...

————

Get Linux or die tryin'

Brian Anderson's picture

Indeed, that's exactly why. I

Indeed, that's exactly why. I thought my internet was broken hehe.

Bob's picture

Wow, I heard the blogger said

Wow, I heard the blogger said "sorry for the attacks on twitter" and said that "the Russian KGB is responsible"! Cool lol.

Jordan's picture

Yeah I was wondering what was

Yeah I was wondering what was going on with twitter.

Thomas Dent's picture

Work really drags on when

Work really drags on when BOTH of these sites are down!!!

Thomas's picture

Yeah no kidding, it actually

Yeah no kidding, it actually forced me to do some work...I hate my job!

Joanna's picture

I was wondering why they were

I was wondering why they were both down, thanks for explaining.

Zeynep's picture

Twitter is down half the time

Twitter is down half the time without these attacks, why not attack somewhere else?

Felicity Sanders's picture

LoL another Georgian attack

LoL another Georgian attack by the Russians haha. But they had to take down all of twitter rofl.

Olivia Culp's picture

Unbelievable, I hope it won't

Unbelievable, I hope it won't become a frequent thing, maybe those guys will get caught or something.

Marketa's picture

Yeah I thought my facebook

Yeah I thought my facebook account was hacked, that was just not cool.

rick's picture

In these circumstances

In these circumstances protection software makes more and more sense to me. It seems so easy for hacker to break into account that it makes me wonder how safe do we really are... Now I am seriously considering a reliable business security software, the best on the market is my only option...

Post new comment

The content of this field is kept private and will not be shown publicly. If you have a Gravatar account associated with the e-mail address you provide, it will be used to display your avatar.