Securelist has the story.
Elasticsearch is open source cloud software, a search and analytics engine, that a lot of cloud companies run.
But apparently it has a vulnerability which hackers are abusing.
“including a bot implementing some extraordinary DNS amplification DDoS functionality. Operators of these bots are currently active, and we observe new variants of the trojan building bigger botnets.” (from the Securelist article)
And apparently the Elasticsearch open source drivers are on summer holiday for another 3 weeks at least.
The culprit may be that the cloud companies are not upgrading to the latest Elasticsearch (released before the holiday), which is 1.3.1 as of today, 7/28/2014.
So this may be a zero-day cloud event. Cloud companies need to upgrade to the latest Elasticsearch.