Major websites have gone down worldwide — The reason is still unclear but a major DNS provider is suffering a massive DDoS attack and experts are connecting the dots.

Twitter, Reddit, Spotify, Etsy, Box, Wix Customer Sites Squarespace Customer Sites and bunch of other websites were offline earlier today. That’s because someone conducted a massive distributed denial of service (DDoS) attack on the Dyn, a world renowned Domain Name Servers (DNS) service provider.

Also Read: Meet Linux.Mirai Trojan, a DDoS nightmare

In a statement, Dyn acknowledged that their servers are under DDoS attack.

Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available. This attack is mainly impacting US East and is impacting Managed DNS customer in this region. Our Engineers are continuing to work on mitigating this issue. https://twitter.com/Dyn/status/789444349998268416

Imagine a scenario where a DNS provider that is used by Reddit, Twitter or Facebook is under DDoS attack, there is no way a user can visit any of these sites and it looks like that’s what’s going on right now. There are several websites that were down this morning including Twitter, Reddit, Spotify, Esty, Box, Wix Customer Sites Squarespace Customer Sites, Shopify, SoundCloud, Github, Airbnb, Reddit, Freshbooks and Heroku. However, some sites are already coming back online.

The issue has now been located and resolved – thanks a lot for your patience. — SoundCloud Support (@SCsupport) October 21, 2016

We're seeing playback issues on iOS. Engineers are investigating the cause. For updates check our Status blog https://t.co/9anKTSU2Gj — SoundCloud Support (@SCsupport) October 21, 2016

The upstream DNS incident has been resolved. We continue to monitor our systems while they deliver a backlog of webhook events. — GitHub Status (@githubstatus) October 21, 2016

Also Read: US Emergency Phone System ‘911’ Can Be Hacked Through TDoS Attack

[fullsquaread][/fullsquaread]

Also Read: OVH hosting suffers 1Tbps DDoS attack; largest Internet has ever seen

List of sites that currently down according to our lovely readers:

MySpace.com

Box.com

Twitter.com

Schoology and Apex

Npmjs.com (Node Package Manager (major javascript package manager)

Roblox.com

Github.com

Spotify.com

Shopify.com

Freshbooks.com

Netflix.com (slow loading time)

The Boston Globe

The New York Times

PayPal

Theverge.com

Pinterest.com

Constantcontact.com

Playstation Network (PSN)

Revcontent.com

Fox News

Elder Scrolls Online

Starbucks rewards/gift cards

Braintree

Zoho CRM

xbox.com

Indeed.com

ActBlue

Grubhub

Kayak

Basecamp

Yammer

Ancersty.com

Mashable

Intercom.com

Disqus

Eventbrite

Wufoo.com

Iheart.com (iHeartRadio)

Business Insider

Imgur

NHL.com

Cleveland.com

Credit Karma

Squarespace Customer Sites

Atom.io

Wikia

Weebly

nimbleschedule.com

Okta

Big cartel

Zendesk.com

Blue Host

dailynews.com

Twillo

Intercom

donorschoose.org

Eve Online

Weather.com

PagerDuty

Recode

Wix Customer Sites

Speed Test

Salsify.com

Yelp

People.com

Wired.com

Genonebiology.com

Guardian.co.uk

HBO Now

youneedabudget.com

time.com

Qualtrics

BBC

Etsy

CNN

Urbandictionary

SBNation

Zillow.com

WSJ.com

Bill.com

WhatsApp.com

MLB.com

Namecheap.com

Chewy.com

Applicant Tracking System and Recruiting Software | iCIMS.com

WorkMarket

Quora

Kijiji

PayCor

My.WPengine

Dyn.com

Netlog

HomeLight

Sterlingbank.com (sign in issues)

ipage.com

isitdownrightnow.com

Livestream.com

IndieGoGo Fortune

CNBC.com

FT.com

Survey Monkey

Paragon Game

Runescape



In an exclusive conversation with IEEE senior member Kevin Curran, HackRead was told that:

“If you want to understand what really happens in a DDOS attack, then you just need to look into SYN flood attacks. A SYN flood is a denial-of-service attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.”

At the time of publishing this article, some sites were still down whilst Dyn was still dealing with the attack.

Update (9:37 PM Friday, October 21, 2016, Greenwich Mean Time (GMT))

It looks like the attacks have been stopped and sites that were gone offline are now coming back online. On the other hand, Dyn has tweeted that their advanced service monitoring issue is currently resolved. They are still investigating and mitigating the attacks on our infrastructure.

Our advanced service monitoring issue is currently resolved. We are still investigating and mitigating the attacks on our infrastructure. — Dyn (@Dyn) October 21, 2016

Update:

Dyn has been acquired by Oracle, click here for more details about this acquisition.