The popular web hosting and domain name provider, Namecheap is under a massive DDoS attack from unknown attackers. Starting yesterday morning, 300 domain names hosted by Namecheap have been brought down by the hackers. Namecheap on its blog accepted that this was perhaps one of the largest Distributed Denial of Service attacks the world has seen or “anyone has seen or dealt with.”
Early Thursday morning more than 300 domain names hosted by Namecheap were targeted in a penetrative DDoS attack where the hackers brought down the websites. The attack also affected the Email Forwarding and URL Forwarding service provided by Namecheap. The massive attack may have caused many websites to go down as well as caused wide-spread connectivity issues among the hundreds of thousands of other domain names using Namecheap’s DNS platform. Acknowledging the DDoS attack, Namecheap CEO Richard Kirkendall and Vice President Matt Russell said on Namecheap blog
“Today is one of the days that, as a service provider who strives to deliver excellence day in and day out, you wish you never had”
Kirkendall and Russell added that though Namecheap servers are often targeted for such localised DDoS attacks and their security team mostly fends them off but yesterdays attack was monumental and too massive to be able to contained by the security staff.
“The sheer size of the attack overwhelmed many of our DNS servers, resulting in inaccessibility and sluggish performance, Our initial estimates show the attack size to be over 100Gbps, making this one of the largest attacks anyone has seen or dealt with. And this is a new type of attack, one that we and our hardware and network partners had not encountered before.”
Namecheap said that the attackers chiefly targeted its FREE DNS and Default DNS v2 Nameservers (freedns1-5.registrar-servers.com, dns1-5.registrar-servers.com). It has asked its users who are using the domain names with above Nameservers to login to their accounts and switch the Nameservers as follows :
Sign in to your Namecheap account
Select Manage Domains in the My Account area. It can be reached by clicking on your username on the black bar located at the top of the page
Click on the domain you wish to modify and select Switch to DNS System V 1
Put a check mark on Transfer your domain to DNS System V 1
When you have done the above ‘Click Save Changes’ and hopefully you should not face any downtime. The Namecheap has said that as of now the issue is resolved but has not given clarifications as to how the attack was initiated by the hackers or the actual number of websites hit by the attackers.
techworm will keep you updated on further news from Namecheap