Imperva researchers devised a way to exploit the UPnP protocol to bypass mitigations and carry out crippling DDoS attacks. The PoC stems from Imperva s analysis of reflection-based attacks in 2017 that exploited varying protocols to magnify their impact. In March, GitHub suffered a massive DDoS attack, measuring 1.3 Tbps of sustained traffic for eight minutes, where the attacker used the memcached amplification technique. There is no reason to assume that other amplification vectors (e.g., Memcached) will not work just as well, researchers said.
Source: https://threatpost.com/attackers-use-upnp-to-sidestep-ddos-defenses/131981/