Corero shares a kill switch for the Memcached vulnerability and reports the flaw is more extensive than originally believed.
Corero Network Security has disclosed a “kill switch” for the Memcached vulnerability to national security agencies and shared new evidence indicating the flaw is more dangerous than previously believed. For the first time, threat actors have been exploiting unsecured Memcached servers to launch distributed denial-of-service (DDoS) attacks on target businesses.
Memcached is an open-source memory caching system that stores data in RAM to accelerate access times. It was not built for Internet access; users don’t have to authenticate. This exploit lets attackers create spoof requests and boost attacks up to 50,000 times.