A new distributed denial-of-service attack (DDoS) vector has ensnared Plex Media Server systems to amplify malicious traffic against targets to take them offline.
“Plex’s startup processes unintentionally expose a Plex UPnP-enabled service registration responder to the general Internet, where it can be abused to generate reflection/amplification DDoS attacks,” Netscout researchers said in a Thursday alert.
Plex Media Server is a personal media library and streaming system that runs on modern Windows, macOS, and Linux operating systems, as well as variants customized for special-purpose platforms such as network-attached storage (NAS) devices and digital media players. The desktop application organizes video, audio, and photos from a user’s library and from online services, allowing access to and stream the contents to other compatible devices.
DDoS attacks typically involve flooding a legitimate target with junk network traffic that comes from a large number of devices that have been corralled into a botnet, effectively causing bandwidth exhaustion and leading to significant service disruptions.
A DDoS amplification attack occurs when an attacker sends a number of…