bgp-hijack

Earlier today I saw twitter feed of bgpstream about Vodafone AS55410 hijacking a prefix from Brazil. BGP,HJ,hijacked prefix AS270497 24.152.117.0/24, RUTE MARIA DA CUNHA, BR,-,By AS55410 VIL-AS-AP Vodafone Idea Ltd, IN, https://t.co/WvDvQMMDCf — Cisco BGPStream (@bgpstream) April 16, 2021 Soon my friend Doug Madory tweeted about large scale hijack coming from Vodafone AS55410. Large BGP routing leak out of India this morning. AS55410 mistakenly announced over 30,000 BGP prefixes causing a 13x spike in inbound traffic to their network according to @kentikinc netflow data.

Today BGPmon reported about possible BGP prefix hijack of Amazon’s IP address space. Amazon announces 50.16.0.0/16 from AS14618. At 13:45:44 UTC / 19:15:44 IST D-Vois broadband started originating a more specific 50.16.226.0/24 in the table from AS45769. One of example AS_PATH of this announcement: 198290 197264 197264 197264 29467 1299 9583 45769 Clearly, this leak was carried over by AS9583 (Sify) to AS1299 (Telia) and was carried over to rest of internet from there.