Apple remote desktop DDoS reflectetion (UDP 3283)

Posted by EvolutionCrazy on Jun 28, 2019 in networking |

Here comes just another volumetric DDoS reflected attack.

This time it’s from Apple Remote Desktop (UDP) protocol

The amplification rate looks quite good (35:1)

Apparently there are many hosts online to pick from

65,538 on Shodan right now, seems

A lot of Macstadium host are actively being exploited apparently

If you have your Apple MAC in a DMZ or directly with public IP please properly secure port 3283

Searching online seems someone else is actually seeing this pattern.

Arbor (Netscout) has some more detailed infos published:


Copyright © 2019 All rights reserved. Theme by Laptop Geek.