Pierluigi Paganini
October 04, 2021
Users worldwide are not able to access Facebook, Instagram, and WhatsApp services due to a BGP problems. Users attempting to visit the above services are displaying “DNS_PROBE_FINISHED_NXDOMAIN.”
The mobile applications of the social network giant and its Tor hidden services are also not working.
At the time of this writing, it is unclear if the outage is the result of a technical issue or it is the result of a cyber attack against the infrastructure of the social network giant.
John Graham-Cumming, CTO at Cloudflare, reported that some minutes before Facebook’s DNS outage began they observed a large number of BGP changes for Facebook’s ASN a circumstance that suggests BGP routing problems. The expert also warned of a massive flood of DNS traffic asking for http://facebook.com.”
“Now, here’s the fun part. @Cloudflare runs a free DNS resolver, 1.1.1.1, and lots of people use it. So Facebook etc. are down… guess what happens? People keep retrying. Software keeps retrying. We get hit by a massive flood of DNS traffic asking for http://facebook.com” states the Graham Cumming.
“But that’s not all. Now human behavior and application logic kicks in and causes another exponential effect. A tsunami of additional DNS traffic follows.” reads a post published by Cloudflare. “This happened in part because apps won’t accept an error for an answer and start retrying, sometimes aggressively, and in part because end-users also won’t take an error for an answer and start reloading the pages, or killing and relaunching their apps, sometimes also aggressively. This is the traffic increase (in number of requests) that what we saw on 1.1.1.1”
Relax everyone. It's October, the cyber-security awareness month and Facebook simply wants to make us aware of the cyber-security problems of the BGP protocol.
— Vess (@VessOnSecurity) October 4, 2021
This is frontend DNS stats from one of the smaller ISPs I operate. DNS traffic has almost doubled. pic.twitter.com/hqzGVCNTPL
— Theodore Baschak (@TheodoreBaschak) October 4, 2021
“We’re aware that some people are having trouble accessing our apps and products. We’re working to get things back to normal as quickly as possible, and we apologize for any inconvenience.” Facebook communications executive Andy Stone wrote on Twitter.
We’re aware that some people are having trouble accessing our apps and products. We’re working to get things back to normal as quickly as possible, and we apologize for any inconvenience.
— Andy Stone (@andymstone) October 4, 2021
We’re aware that some people are having trouble accessing our apps and products. We’re working to get things back to normal as quickly as possible, and we apologize for any inconvenience.
— Meta (@Meta) October 4, 2021
To better understand why Facebook disappeared from the Internet give a look at this excellent post from Cloudflare:
https://blog.cloudflare.com/october-2021-facebook-outage/
Immediately after the service were sliding going up again the popular investigator Brian Krebs posted:
From trusted source: Person on FB recovery effort said the outage was from a routine BGP update gone wrong. But the update blocked remote users from reverting changes, and people with physical access didn't have network/logical access. So blocked at both ends from reversing it.
— briankrebs (@briankrebs) October 4, 2021
Update: 11:00 PM GMT, October 4, 2021:
After more than six hours of outage, Facebook, Instagram, and WhatsApp are slowly coming back online:
To the huge community of people and businesses around the world who depend on us: we're sorry. We’ve been working hard to restore access to our apps and services and are happy to report they are coming back online now. Thank you for bearing with us.
— Meta (@Meta) October 4, 2021
Below is my interview at TRT: What does the outage say about Facebook’s own security and infrastructure?
Follow me on Twitter: @securityaffairs and FB
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, social network)
[adrotate banner=”5″]
[adrotate banner=”13″]
