Article 60H6Y Massive DDoS Attack Delivered By Tiny Botnet

Massive DDoS Attack Delivered By Tiny Botnet

by
hubie
from SoylentNews on (#60H6Y)

upstart writes in with two stories on a recent DDoS attack:

Hackers just launched the largest HTTPS DDoS attack in history:

The largest HTTPS distributed denial-of-service (DDoS) attack in history materialized last week, Cloudflare has confirmed.

As reported by Bleeping Computer, the company revealed that it recorded a 26 million requests per second distributed denial-of-service (DDoS) attack.

It should be stressed that this is an HTTPS-based DDoS attempt as opposed to the more traditional, standard DDoS attacks. In any case, the intended target was a Cloudflare client utilizing the service's Free plan.

[...] Interestingly, whoever was behind the attack managed to concentrate all its firepower with a botnet of 5,067 devices, which is a relatively small number considering the scale of the assault. Every single device was capable of delivering around 5,200 requests per second (rps) at its peak.

[...] Specifically, the botnet that was put to work in the unprecedented 26 million rps DDoS attack managed to deliver over an astronomical 212 million HTTPS requests within a period of just 30 seconds. This was achieved due to requests stemming from more than 1,500 networks located in 121 countries around the globe.

Tsunami of junk traffic that broke DDoS records delivered by tiniest of botnets:

The DDoS delivered 26 million HTTPS requests per second, breaking the previous record of 15.3 million requests for that protocol set only seven weeks ago, Cloudflare Product Manager Omer Yoachimik reported. Unlike more common DDoS payloads such as HTTP, SYN, or SYN-ACK packets, malicious HTTPS requests require considerably more computing resources for the attacker to deliver and for the defender or victim to absorb.

[Cloudflare Product Manager Omer] Yoachimik wrote:

The 26M rps DDoS attack originated from a small but powerful botnet of 5,067 devices. On average, each node generated approximately 5,200 rps at peak. To contrast the size of this botnet, we've been tracking another much larger but less powerful botnet of over 730,000 devices. The latter, larger botnet wasn't able to generate more than one million requests per second, i.e. roughly 1.3 requests per second on average per device. Putting it plainly, this botnet was, on average, 4,000 times stronger due to its use of virtual machines and servers.

[...] The Cloudflare product manager said that his company automatically detected and mitigated the attack against the customer, which was using Cloudflare's free service.

See also:
Cloudflare Just Mitigated One of the Most Powerful DDoS Attacks Ever
Microsoft Azure Customer Hit by Largest 3.47 Tbps DDoS Attack
Microsoft Azure Fends Off Huge DDoS Attack

Original Submission #1 Original Submission #2

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments