[TheRecord] Cloudflare says it mitigated a record-breaking 17.2M rps DDoS attack

Internet infrastructure company Cloudflare disclosed today that it mitigated the largest volumetric distributed denial of service (DDoS) attack that was recorded to date.

The attack, which took place last month, targeted one of Cloudflare’s customers in the financial industry.

Cloudflare said that a threat actor used a botnet of more than 20,000 infected devices to flung HTTP requests at the customer’s network in order to consume and crash server resources.

Called a volumetric DDoS, these are different from classic bandwidth DDoS attacks where threat actors try to exhaust and clog up the victim’s internet connection bandwidth. Instead, attackers focus on sending as many junk HTTP requests to a victim’s server in order to take up precious server CPU and RAM and prevent legitimate users from using targeted sites.

Cloudflare said this attack peaked at 17.2 million HTTP requests/second (rps), a figure that the company described as almost three times larger than any previous volumetric DDoS attack that was ever reported in the public domain.

We are currently under DDoS and are working to mitigate. Requests reached > 7million/minute at our edge and declining.

— BitMEX (@BitMEX) August 22, 2018

Cloudflare said that while the attack peaked at 17.2 million rps, the threat actor kept its botnet aimed against its customer for hours, during which time it had to absorb more than 330 million junk HTTP requests.

But the botnet operator did not stop after this initial attack. Cloudflare said the same botnet also carried out two other large-scale attacks in the subsequent weeks, including another that peaked at 8 million rps, aimed at a web hosting provider.

Cloudflare said it’s currently tracking the botnet’s evolution, which appears to have been built using a modified version of the well-known Mirai IoT malware.

Based on the infected device’s (bots) IP addresses, Cloudflare said that 15% of the attacker’s traffic came from Indonesia, while another 17% of the malicious traffic came from India and Brazil combined.

Image: Cloudflare

At 17.2 million rps, the attack also accounted for 68% of the legitimate HTTP traffic the company processed during Q2 2021, estimated at 25 million rps.

The biggest bandwidth DDoS attack ever recorded comes at 2.3 terabytes per second (Tbps), recorded by Amazon Web Services in February 2020.

The post Cloudflare says it mitigated a record-breaking 17.2M rps DDoS attack appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[BleepingComputer] DarkSide ransomware gang returns as new BlackMatter operation

Encryption algorithms found in a decryptor show that the notorious DarkSide ransomware gang has rebranded as a new BlackMatter ransomware operation and is actively performing attacks on corporate entities. […] Source: Read More (BleepingComputer)

Read More

[ZDNet] Ransomware warning: Attacks are rising, and they’ll keep coming if victims keep paying

All posts, ZDNet

A joint alert by cybersecurity agencies warns about the increasing damage done by ransomware attacks – and offers advice on how to counter the threat. Source: Read More (Latest topics for ZDNet in Security)

Read More

[ThreatPost] Black Hat: Scaling Automated Disinformation for Misery and Profit

All posts, ThreatPost

Researchers demonstrated the power deep neural networks enlisted to create a bot army with the firepower to shape public opinion and spark QAnon 2.0. Source: Read More (Threatpost)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.