A recent discovery has unveiled a new denial-of-service (DoS) attack method that targets protocols based on User Datagram Protocol (UDP), potentially putting hundreds of thousands of hosts at risk.
Known as Loop DoS attacks, this technique involves connecting servers of these protocols in a way that they endlessly communicate with each other, according to researchers from the CISPA Helmholtz-Center for Information Security.
UDP, being a connectionless protocol, lacks validation of source IP addresses, making it vulnerable to IP spoofing.
Attackers can exploit this vulnerability by sending forged UDP packets with a victim IP address, causing the destination server to respond to the victim, resulting in a reflected denial-of-service (DoS) attack.
Research has shown that specific implementations of UDP protocols like DNS, NTP, TFTP, Active Users, Daytime, Echo, Chargen, QOTD, and Time can be manipulated to create a continuous attack loop.
According to the researchers, this technique involves pairing two network services to respond to each other indefinitely, generating high levels of traffic that lead to a denial-of-service for the systems involved.
The researchers cautioned that once the loop is initiated, even the attackers are unable to stop the attack, highlighting the severity of this vulnerability.
CISPA estimates that around 300,000 hosts and their networks could be exploited to carry out Loop DoS attacks.
Although there is no evidence of this attack being actively used, the researchers warned that the exploitation is straightforward and could impact products from various vendors.
They emphasized the importance of implementing measures like filtering spoofed traffic to mitigate the risk of such attacks.
