DDoS attack

Winsage
August 11, 2025
A new attack method called Win-DDoS can turn publicly accessible Windows domain controllers into a botnet for distributed denial-of-service (DDoS) attacks, as presented by SafeBreach researchers at DEF CON 33. This method exploits vulnerabilities in Windows' Lightweight Directory Access Protocol (LDAP) client code, allowing attackers to redirect traffic from compromised domain controllers to a target server without needing malicious code or stolen credentials. The attack involves initiating an RPC request to the DCs, connecting them to the attacker's CLDAP server, and receiving a referral list that directs traffic to a single IP and port, overwhelming the victim's resources. Microsoft has issued patches for four related vulnerabilities: CVE-2025-26673, CVE-2025-32724, CVE-2025-49716, and CVE-2025-49722, which can allow unauthenticated attackers to crash domain controllers or disrupt internal systems. SafeBreach warns that enterprise security models often underestimate the risks of denial-of-service attacks on internal infrastructure. Organizations are urged to audit domain controller exposure, apply security patches, and reassess the safety of their internal networks.
Winsage
August 11, 2025
During DEF CON 33, Yair and Shahak Morag from SafeBreach Labs introduced a new category of denial-of-service (DoS) attacks called the “Win-DoS Epidemic.” They identified four significant Windows DoS vulnerabilities, all categorized as “uncontrolled resource consumption,” including:
- CVE-2025-26673 (CVSS 7.5): High-severity DoS vulnerability in Windows LDAP.
- CVE-2025-32724 (CVSS 7.5): High-severity DoS vulnerability in Windows LSASS.
- CVE-2025-49716 (CVSS 7.5): High-severity DoS vulnerability in Windows Netlogon.
- CVE-2025-49722 (CVSS 5.7): Medium-severity DoS vulnerability in the Windows print spooler, requiring an authenticated attacker on an adjacent network.
These vulnerabilities can incapacitate Windows endpoints and servers, including domain controllers (DCs), which are essential for managing authentication and resources in enterprise networks. The researchers also revealed a new DDoS attack method, termed Win-DDoS, which exploits a flaw in the Windows LDAP client referral process, allowing attackers to redirect DCs to a victim server and continuously repeat this redirection, creating a large-scale DDoS botnet using public DCs without leaving forensic traces.
TrendTechie
July 19, 2025
A 59-year-old Greek national was sentenced to five years in prison and fined €10,000, along with court costs of €1,800, for operating the torrent site P2Planet from 2011 to 2014, which hosted over 14,000 torrent links. His case is the second of its kind in Greece's legal history. The final verdict was delivered on May 29, and he had been awaiting sentencing since his arrest in 2014. The site experienced a DDoS attack that led to a database breach, which likely aided law enforcement in his apprehension. A similar case in the past resulted in a five-year prison sentence for another torrent site owner, but without a financial penalty.
TrendTechie
April 18, 2025
As of 11:00 PM on April 15, 2025, Rutracker has resumed operations after a significant outage that began around 5:00 PM Moscow time the same day. Users from major Russian cities reported difficulties accessing the site, which has been permanently blocked in Russia since 2016. During the outage, users encountered a "Web Server Down" message due to a 521 error from Cloudflare, indicating a connection termination. The access issues appeared to affect only Russian users, as individuals in Italy and Kazakhstan could still access Rutracker. This incident marks the third occurrence in six months, raising concerns about the future of popular web resources among Russians. Rutracker had previously announced its own anti-Russian sanctions in March 2022 but continued to be accessible to Russian users until this outage. In January 2023, Rutracker experienced another outage lasting nearly a full day. The recent issues have been attributed to hosting problems, although some users reported no access issues during that time.
TrendTechie
February 4, 2025
Telegram has suspended the official channel of the torrent tracker RuTracker (@rutracker_news) for copyright violations. The channel, created in 2017, had around 29,000 subscribers and posted only 21 times since its inception, with the last updates in January 2025 regarding outages. RuTracker, launched in 2004, has faced legal challenges, including a court-ordered block in Russia since 2016, and continues to operate despite being largely inaccessible to most users in Russia. In early 2021, RuTracker raised over 1.8 million rubles through crowdfunding for hard drives to store rare torrents. Telegram's suspension of the channel is part of its stricter policies against internet piracy, which have led to the removal of other channels associated with pirated content, such as Z-Library and Anna’s Archive.
AppWizard
September 3, 2024
Meesedev is developing a "demake" of Minecraft for Nintendo's GameCube, utilizing a custom engine that has integrated 25 million blocks, showcasing impressive technical achievements. The game features original content with elements inspired by Minecraft, and the developer plans to replace Mojang's assets with their own before launch. Additionally, the gaming community recently experienced a significant DDoS attack on a Minecraft server, involving 3.15 billion packets per second from multiple countries.
AppWizard
September 2, 2024
Global Secure Layer (GSL) successfully mitigated a historic Distributed Denial of Service (DDoS) attack on a Minecraft gaming server that peaked at 3.15 billion packets per second (Gpps) on August 25, 2024. The attack had a bitrate of 849 Gbps and was the largest DDoS attack publicly recorded, surpassing previous records by 3.2 to 3.5 times. It was preceded by a smaller attack peaking at 1.7 Gpps, which likely served as reconnaissance for the larger assault. The attack originated from regions including Russia, Vietnam, and Korea, with significant traffic contributions from Korea Telecom and vulnerabilities in MAX-G866ac devices linked to CVE-2023-2231. GSL's mitigation strategies included reconfiguring targeted prefixes within 15 minutes and employing a heuristics anomaly detection engine, resulting in mitigation times of less than 100 milliseconds.
AppWizard
August 29, 2024
Global Secure Layer reported a DDoS attack on August 25 that reached 3.15 billion packets per second (PPS), targeting a Minecraft gaming customer. The attack originated from a botnet primarily based in Russia, with traffic from 17 other countries. This incident is the largest publicly reported packet-rate attack, exceeding previous records by a factor of 3.2 to 3.5. The attack occurred in two phases, starting with a preliminary strike on August 24 that peaked at 1.7 Gbps, followed by a full-scale attack the next day. The attack lasted just over an hour, with the highest botnet activity recorded in Russia, Vietnam, and South Korea, which accounted for 42.8% of the total traffic. A total of 42,209 sources were identified in the attack.