[TheRecord] Microsoft said it mitigated a 2.4 Tbps DDoS attack, the largest ever

Microsoft said its Azure cloud service mitigated a 2.4 terabytes per second (Tbps) distributed denial of service attack this year, at the end of August, representing the largest DDoS attack recorded to date.

Amir Dahan, Senior Program Manager for Azure Networking, said the attack was carried out using a botnet of approximately 70,000 bots primarily located across the Asia-Pacific region, such as Malaysia, Vietnam, Taiwan, Japan, and China, as well as the United States.

Dahan identified the target of the attack only as “an Azure customer in Europe.”

The Microsoft exec said the record-breaking DDoS attack came in three short waves, in the span of ten minutes, with the first at 2.4 Tbps, the second at 0.55 Tbps, and the third at 1.7 Tbps.

Dahan said Microsoft successfully mitigated the attack without Azure going down.

Prior to Microsoft’s disclosure today, the previous DDoS record was held by a 2.3 Tbps attack that Amazon’s AWS division mitigated in February 2020.

Dahan said the largest DDoS attack that hit Azure prior to the August attack was a 1 Tbps attack the company saw in Q3 2020, while this year, Azure didn’t see a DDoS attack over 625 Mbps all year.

Record for largest volumetric DDoS attack broken days later too

Just days after Microsoft mitigated this attack, a botnet called Meris broke another DDoS record — the record for the largest volumetric DDoS attack. 

According to Qrator Labs, the operators of the Meris botnet launched a DDoS attack of 21.8 million requests per second (RPS) in early September. Sources told The Record last month that the attack targeted a Russian bank that was hosting its e-banking portal on Yandex Cloud servers.

Security firm Rostelecom-Solar sinkholed around a quarter of the Meris botnet later that month.

It is unclear if the Meris botnet was behind the attack detected and mitigated by Microsoft in August. An Azure spokesperson did not return a request for comment.

The post Microsoft said it mitigated a 2.4 Tbps DDoS attack, the largest ever appeared first on The Record by Recorded Future.

Source: Read More (The Record by Recorded Future)

You might be interested in …

[SecurityWeek] Necro Python Botnet Starts Targeting Visual Tools DVRs

All posts, Security Week

Security researchers have spotted signs of the Necro Python botnet targeting a vulnerability in Visual Tools DVR systems to install a Monero miner on infected systems. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[BleepingComputer] Clop ransomware is back in business after recent arrests

The Clop ransomware operation is back in business after recent arrests and has begun listing new victims on their data leak site again. […] Source: Read More (BleepingComputer)

Read More

[ThreatPost] Angry Affiliate Leaks Conti Ransomware Gang Playbook

All posts, ThreatPost

The data includes IP addresses for Cobalt Strike C2 servers as well as an archive including numerous tools and training materials for the group, revealing how it performs attacks. Source: Read More (Threatpost)

Read More