Cloudflare CEO Matthew Price says that,
“Very big NTP reflection attack hitting us right now. Appears to be bigger than the #Spamhaus attack from last year. Mitigating,”Attacker found the vulnerability on the one of the protocol of cloud Network Time Protocol (NTP) which synchronize computer clocks. Hackers have leveraged the NTP servers by sending small spoofed 8-byte UDP packets to the vulnerable server that requests a large amount of data to be sent to the DDoS's target IP Address.
“Someone’s got a big, new cannon. Start of ugly things to come,”
Company says that, all the version of the of ntpd prior to 4.2.7 are vulnerable and are recommended to upgrade it to the latest version. It also mention that, Until all the misconfigured NTP servers are cleaned up, attacks of this nature will continue.