Customers of New Zealand communications service provider Spark experienced internet connectivity issues over the weekend due to a distributed denial-of-service (DDoS) attack that seemed to be aimed at web addresses in Eastern Europe, according to a post on the Spark Facebook page.
The DDoS – which was dynamic, but predominately an amplified DNS attack – involved requests passing through the Spark network, the post indicates, adding that the attackers were based overseas.
The attack may have been made possible due to a small number of customers having malware on their devices, or because customers had vulnerable modems that have “open DNS resolver” functionality, according to the post.
Spark disconnected the modems from its network and is contacting the affected customers, and is also adding other security measures to strengthen its network monitoring and management capabilities.