Plane-tracking site Flight Radar 24 DDoSed... just as drones spotted buzzing over Azerbaijan and Armenia

That's one way of poking the world's eyes out for a few hours

Popular plane-tracking website Flight Radar 24 has been the victim of multiple DDoS attacks over the past few days – and though the site's operators haven't attributed blame, some have wondered if a regional conflict may have been the cause.

Flight Radar 24, as its name suggests, is a website for the live tracking of air traffic. When it was taken offline in the small hours of this morning, quite a few people were rather irritated.

The site’s Twitter operatives added in later posts that no user data had been compromised, adding that "this attack is focused on denying access to our services”.


When classes are online, how do you get out of school? Florida teen cuffed, charged after crashing cyber-lessons


Flight Radar spokesman Ian Petchenik told The Register: “At this time we understand this to be a very strong DDoS attack [orchestrated] from a single source. While it is not known why we’re being targeted, multiple flight tracking services have suffered attacks over the past two days.”

It was not immediately obvious which other sites had suffered attacks, though some had used their Twitter accounts to inform followers of planned server upgrades and updates to end-user apps.

Open source researchers claim to have picked up the live flight tracks of drones over Armenia and Azerbaijan, following armed skirmishes between the two nations over the long-disputed Nagorno-Karabakh region. The conflict gained a more international dimension earlier today when a Turkish F-16 fighter jet reportedly shot down an elderly Armenian Su-25 Frogfoot ground attack aircraft.

The use of DDoSes against general-interest websites has fallen out of favour in recent years as the script kiddies behind those types of attacks in days of yore a) grew up and b) realised that ransomware is far more lucrative than crayoning over someone else’s website.

With that said, such attacks are still in use: in August someone malicious forced the New Zealand stock exchange offline, while encrypted email biz Tutanota suffered a spate of similar attacks earlier this month.

Whatever the cause of the Flight Radar 24 attacks – one knowledgeable source suggested to El Reg that the Nagorno-Karabakh conflict may have triggered a government determined to control what the wider world can see – they serve as a reminder that even one of the oldest online attack methods can still cause chaos today. ®

Other stories you might like

  • SEC probes Musk for not properly disclosing Twitter stake
    Meanwhile, social network's board rejects resignation of one its directors

    America's financial watchdog is investigating whether Elon Musk adequately disclosed his purchase of Twitter shares last month, just as his bid to take over the social media company hangs in the balance. 

    A letter [PDF] from the SEC addressed to the tech billionaire said he "[did] not appear" to have filed the proper form detailing his 9.2 percent stake in Twitter "required 10 days from the date of acquisition," and asked him to provide more information. Musk's shares made him one of Twitter's largest shareholders. The letter is dated April 4, and was shared this week by the regulator.

    Musk quickly moved to try and buy the whole company outright in a deal initially worth over $44 billion. Musk sold a chunk of his shares in Tesla worth $8.4 billion and bagged another $7.14 billion from investors to help finance the $21 billion he promised to put forward for the deal. The remaining $25.5 billion bill was secured via debt financing by Morgan Stanley, Bank of America, Barclays, and others. But the takeover is not going smoothly.

    Continue reading
  • Cloud security unicorn cuts 20% of staff after raising $1.3b
    Time to play blame bingo: Markets? Profits? Too much growth? Russia? Space aliens?

    Cloud security company Lacework has laid off 20 percent of its employees, just months after two record-breaking funding rounds pushed its valuation to $8.3 billion.

    A spokesperson wouldn't confirm the total number of employees affected, though told The Register that the "widely speculated number on Twitter is a significant overestimate."

    The company, as of March, counted more than 1,000 employees, which would push the jobs lost above 200. And the widely reported number on Twitter is about 300 employees. The biz, based in Silicon Valley, was founded in 2015.

    Continue reading
  • Talos names eight deadly sins in widely used industrial software
    Entire swaths of gear relies on vulnerability-laden Open Automation Software (OAS)

    A researcher at Cisco's Talos threat intelligence team found eight vulnerabilities in the Open Automation Software (OAS) platform that, if exploited, could enable a bad actor to access a device and run code on a targeted system.

    The OAS platform is widely used by a range of industrial enterprises, essentially facilitating the transfer of data within an IT environment between hardware and software and playing a central role in organizations' industrial Internet of Things (IIoT) efforts. It touches a range of devices, including PLCs and OPCs and IoT devices, as well as custom applications and APIs, databases and edge systems.

    Companies like Volvo, General Dynamics, JBT Aerotech and wind-turbine maker AES are among the users of the OAS platform.

    Continue reading

Biting the hand that feeds IT © 1998–2022