TFTP abused by DDoSsers

Crooks have come up with a new technique for swamping websites with junk traffic.

Miscreants have begun using a DDoS reflection and amplification method that abuses TFTP (Trivial File Transfer Protocol), Akamai reports.

TFTP is mostly a LAN service used for configuration of devices such as phones and initial installations of operating system software. Despite this some admin are leaving the service hanging out on the open web, creating a resource that’s been abused in a small number of attacks.

The abuse of improperly configured DNS or Network Time Protocol (NTP) to mount DDoS application attacks was and remains a far bigger problem.

Researchers at Edinburgh Napier University were the first to warn about the potential for abuse of TFTP by DDoS varmints back in March. ®