Security researchers have disclosed a new type of attack that amplifies the original packet by a ratio of more than 4 billion to one. The attack is distributed and uses a single packet as a starting point.
A DDoS attack from a single packet is made possible by a flaw in about 2,600 Mitel MiVoice Business Express and MiCollab systems that were incorrectly set up to act as PBX-to-internet gateways. CVE-2022-26143: TP240PhoneHome reflection/amplification DDoS attack.
Security vulnerabilities are a serious problem for companies. In the first attack, a flaw in the company’s system was taken advantage of by hackers. They exploited the vulnerability and primarily focused on ports 80 and 443. The attack was aimed at ISPs, financial institutions, and logistics businesses.