Facebook/Insta FAIL — ‘Anonymous Sudan’ has a Super Tuesday: ‘We Did It.’
2024-3-7 00:30:28 Author: securityboulevard.com(查看原文) 阅读量:15 收藏

Caricature of Mark Zuckerberg, with superimposed text: “oops.”Was yesterday’s Meta outage outrage caused by a Russian DDoS?

Kremlin-affiliated hackers Anonymous Sudan, with two lesser-known groups, Skynet and Godzilla, have claimed responsibility for the downing of Facebook, Instagram and Threads. The massive outage appears to have been localized to Meta’s authentication servers.

If indeed it was a targeted DDoS, Zuck&Co. need to beef up a weak point, pronto. In today’s SB Blogwatch, we can’t help notice yesterday’s date.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Radiohead (vegetarian edition).

Shooper Choosday

In case you’ve been living under a rock, Sarah Perez reports—“Facebook, Instagram and Threads were all down in massive Meta outage”:

People are suspicious
The troubles seem to have started at some point after 10 a.m. ET on Tuesday. … When loading the apps or websites, users receive an error message that “something went wrong” and to try again later, or, in the case of Facebook, they’re taken to a logged-out landing page but are unable to sign in.

It’s highly unusual for Meta to be experiencing a widespread outage like this, given the size and scale of its network and the redundancies built in. For that reason, some people are suspicious about the origins of this outage. [It] comes at a terrible time for any candidates or political organizations looking to do last-minute voter outreach efforts or those reminding people to go vote … in the primary on what’s known as Super Tuesday.

What went wrong? Are you pondering what Coral Tayar’s pondering? “Skynet and Other Groups Claim to Have Attacked”:

Major attack
3 threat actor groups (Skynet, Godzilla, and Anonymous Sudan) have claimed to attack and shut down Facebook, Threads and Instagram. … The fact that it is 3 groups collaborating together … makes it appear that this actually could be a real claim.

These 3 groups have collaborated before. In December 2023 [we] detected the three threat actor groups claiming responsibility for disrupting the Discord login page. They have also collaborated on various other projects together including an attack on ChatGPT.

But … it is quite possible it could be a bluff. … Anonymous Sudan did not notify about the attack in advance, which they often do when undertaking such a major attack, so the group may be bluffing. … As of now there is no proof.

Not only that, but Meta initially confirmed an attack. So says Vilius Petkauskas—“Meta hints security breach behind recent outage”:

Breach of security
We contacted Meta, with an official … hinting that the cause may have been related to security issues: “We’re working on it. There was a breach of security earlier,” … Meta replied.

Attackers often take credit for service disruptions they had nothing to do with in order to inflate their perceived importance and capabilities. … We have reached out to Meta for further clarification about the nature of the “breach of security.”

Where are the “it’s always DNS” crowd? Here’s one—Ikoth:

I’ve got a tenner on DNS. And on “super Tuesday,” too — where’s my tin foil hat?

Weird symptoms, though, right? Not according to lanstin:

Come on, use a little imagination:

    1. DNS lookup for the DB holding the shard with the user credentials disappears.
    2. Code isn’t expecting this, throws a generic 4xx because security instead of a generic 5xx (plenty of people writing auth code will take the stance all failures are presented the same as a bad password or non-existing username).
    3. Caller interprets this a login failure.
    4. Same auth system used to validate logins to the bastions that have access to DNS.
    5. Voilá.

Watch out, Mister Zuckerberg. whlr thinks you’re gonna get dragged up Capitol Hill again:

Looks like somebody is going to get called in to be grilled by a bunch of politicians who want to post snippets of them reaming a CEO.

And nothing of value was lost. But MpVpRb has a different perspective:

I have a different perspective. While I agree that for many, Facebook is time-wasting fluff, many of us use it for business.

I make machines for glasswork and use Facebook to keep in contact with the glassworking community. I show my products and projects and see what glassworkers are making.

I wish there was another alternative [for] connecting people who share a common interest, without pushing stoopid pop culture and targeted ads, but at the moment, Facebook is the only tool I have. And yes, I have looked at alternatives like Mastadon: They are ghost towns.

You think that’s a niche use case? Try Ancapistani’s:

We have a small livestock operation, and won an online auction late last night for a pig about four hours away. Facebook was the only listed means of contacting the person, and we were planning on driving to pick it up this morning.

Now I get to re-arrange my day today to deal with that, and will probably have to take a PTO day from work to drive there later in the week. Real businesses are … impacted by Facebook being down — including those … you might never expect.

Are you not entertained? breakfast isn’t:

It’s a good attempt, but Facebook falling over will never be funnier than when their authentication went down globally and they used that to identify their engineers: … Nobody could log in to fix it or access any of their data centres because that was also tied to their Facebook ID.

Taking angle grinders to their own facilities was such a funny thing for them to have to do.

Meanwhile, joemanaco knows what really happened:

Has a meta developer used ChatGPT again?

And Finally:

Orbis again

Previously in And Finally


You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi, @richij or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.

Image sauce: DonkeyHotey (cc:by; leveled and cropped)

Recent Articles By Author


文章来源: https://securityboulevard.com/2024/03/meta-down-anonymous-sudan-richixbw/
如有侵权请联系:admin#unsafe.sh