Cloudflare Just Mitigated One of the Most Powerful DDoS Attacks Ever
upstart writes:
Cloudflare just mitigated one of the most powerful DDoS attacks ever:
Earlier this week, Cloudflare engineers identified one of the largest distributed denial-of-service (DDoS) attacks ever attempted. The attack, made against an unidentified cryptocurrency platform, was identified and mitigated in under 20 seconds. The individuals behind the act flooded the network with more than 15 million requests.
In addition to the attack's size, the use of HTTPS rather than typical HTTP requests further complicated the issue: the secure protocol results in more resource overhead due to the compute-intensive nature of the secure HTTPS request. According to Cloudflare, the botnet responsible for carrying out the attack represented 6,000 bots from 112 countries around the world.
The attack is believed to have leveraged servers from hosting providers running vulnerable Java-based applications. Those servers were likely unpatched or not updated and susceptible to CVE-2022-21449, Psychic Signatures in Java. The vulnerability allows attackers to use the elliptic curve digital signature algorithm (ECDSA) to forge SSL certificates and other authentication-based information in order to obtain unwanted access.
The sharp spike in Cloudflare's traffic analytics shows just how quickly the attack was able to ramp up. At 22:21:15 the platform recorded between 500,000 and 1 million requests. Within five seconds, that number grew to almost 3 million requests. At this point the attack's intensity escalated, generating approximately 15.3 million requests within the next five seconds. Several seconds later, Cloudflare was able to mitigate the attack, bringing traffic patterns back to expected levels.
I am no fan of Cloudflare, but they seem to have done what they said they could do in this particular case.