[TheRecord] Cloudflare says it mitigated a record-breaking 17.2M rps DDoS attack

Internet infrastructure company Cloudflare disclosed today that it mitigated the largest volumetric distributed denial of service (DDoS) attack that was recorded to date.

The attack, which took place last month, targeted one of Cloudflare’s customers in the financial industry.

Cloudflare said that a threat actor used a botnet of more than 20,000 infected devices to flung HTTP requests at the customer’s network in order to consume and crash server resources.

Called a volumetric DDoS, these are different from classic bandwidth DDoS attacks where threat actors try to exhaust and clog up the victim’s internet connection bandwidth. Instead, attackers focus on sending as many junk HTTP requests to a victim’s server in order to take up precious server CPU and RAM and prevent legitimate users from using targeted sites.

Cloudflare said this attack peaked at 17.2 million HTTP requests/second (rps), a figure that the company described as almost three times larger than any previous volumetric DDoS attack that was ever reported in the public domain.

We are currently under DDoS and are working to mitigate. Requests reached > 7million/minute at our edge and declining.

— BitMEX (@BitMEX) August 22, 2018

Cloudflare said that while the attack peaked at 17.2 million rps, the threat actor kept its botnet aimed against its customer for hours, during which time it had to absorb more than 330 million junk HTTP requests.

But the botnet operator did not stop after this initial attack. Cloudflare said the same botnet also carried out two other large-scale attacks in the subsequent weeks, including another that peaked at 8 million rps, aimed at a web hosting provider.

Cloudflare said it’s currently tracking the botnet’s evolution, which appears to have been built using a modified version of the well-known Mirai IoT malware.

Based on the infected device’s (bots) IP addresses, Cloudflare said that 15% of the attacker’s traffic came from Indonesia, while another 17% of the malicious traffic came from India and Brazil combined.

Image: Cloudflare

At 17.2 million rps, the attack also accounted for 68% of the legitimate HTTP traffic the company processed during Q2 2021, estimated at 25 million rps.

The biggest bandwidth DDoS attack ever recorded comes at 2.3 terabytes per second (Tbps), recorded by Amazon Web Services in February 2020.

The post Cloudflare says it mitigated a record-breaking 17.2M rps DDoS attack appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SANS ISC] Phishing asking recipients not to report abuse, (Tue, Jun 22nd)

All posts, Sans-ISC

It can be a little disheartening to deal with well-prepared phishing attacks every day, since one can easily see how even users who are fully “security-aware” could fall for some them. The messages don’t even have to be too complex to be believable. For example, a message containing seemingly innocuous text and a link that […]

Read More

[ZDNet] Quantum cryptography: This air-filled fiber optic cable can transport un-hackable keys, say researchers

All posts, ZDNet

Hollow core fiber is filled only with air, but the technology’s applications for security could be very promising. Source: Read More (Latest topics for ZDNet in Security)

Read More

[BleepingComputer] New DNS vulnerability allows ‘nation-state level spying’ on companies

Security researchers found a new class of DNS vulnerabilities impacting major DNS-as-a-Service (DNSaaS) providers that could allow attackers to access sensitive information from corporate networks. […] Source: Read More (BleepingComputer)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.