The Internet infrastructure company Cloudflare revealed today that it has managed to block the largest distributed denial of service (DDoS) attack ever recorded.
The attack, which took place last month, targeted one of Cloudflare's clients in the financial sector.
Cloudflare said the attackers used a botnet with more than 20.000 infected devices to transmit HTTP requests to the client network. Their goal was to consume and destroy server resources.
The volumetric DDoS attack is different from the classic DDoS bandwidth attacks where attackers try to deplete the victim's bandwidth on the internet. In a volumetric DDoS attack, attackers focus on sending so many unwanted HTTP requests to a victim server, to capture the server's valuable CPU and RAM, and prevent regular users from using targeted websites.
Cloudflare said the attack peaked at 17,2 million HTTP requests per second (rps), a rate the company described as almost three times higher than any previous volumetric DDoS ever recorded.
We are currently under DDoS and are working to mitigate. Requests reached> 7million / minute at our edge and declining.
- BitMEX (@BitMEX) August 22
Cloudflare also reported that although the attack peaked at 17,2 million rps, the attackers operated their botnet for hours on the same target. During this time the company had to absorb more than 330 million unsolicited HTTP requests.
The botnet operators did not stop after this initial attack. Cloudflare reported that the same botnet carried out two other large-scale attacks in the coming weeks, one of which peaked at 8 million rps, targeting a web hosting provider.
Cloudflare is currently monitoring the evolution of the botnet, which appears to have been created using a modified version of the known Mirai IoT malware.
Based on the bots' IP addresses, Cloudflare reports that 15% of the intruder's traffic comes from Indonesia, and 17% of the malicious traffic comes from India and Brazil combined.
Historically, the largest DDoS bandwidth attack ever recorded was at 2,3 terabytes per second (Tbps), which was recorded by Amazon Web Services in February 2020.