New Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAP

Researchers have uncovered Win-DDoS, a new attack technique that weaponizes public domain controllers to create a powerful botnet for DDoS attacks without requiring code execution or credentials. This method leverages LDAP referral flaws in Windows systems, posing serious threats to both public and private infrastructure.

Key points

  • The Win-DDoS technique manipulates LDAP referral processes to turn domain controllers into DDoS bots.
  • The attack can harness thousands of public DCs to generate high-bandwidth DDoS traffic anonymously.
  • Numerous vulnerabilities in LDAP and Windows services (CVE-2025-26673, CVE-2025-32724) can be exploited for DoS attacks.
  • The attack does not require code execution, credentials, or purchasing infrastructure, making it hard to detect.
  • Findings reveal serious risks for both external and internal Windows systems, challenging assumptions about internal system safety.

Read More: https://thehackernews.com/2025/08/new-win-ddos-flaws-let-attackers-turn.html