The Internet infrastructure company Cloudflare revealed today that it managed to block the largest distributed attack refusalof Service (DDoS) recorded to date.
The attack, which took place last month, targeted one of Cloudflare's clients in the financial sector.
Cloudflare said the attackers used a botnet of more than 20.000 infected devices to transfer requests HTTP to the client's network. Their goal was to consume and destroy the server's resources.
The volumetric DDoS attack is different from the classic DDoS bandwidth attacks where attackers try to deplete the victim's bandwidth on the internet. In a volumetric DDoS attack, attackers focus on sending so many unwanted HTTP requests to a victim server, to capture the server's valuable CPU and RAM, and prevent regular users from using targeted websites.
Cloudflare said the attack peaked at 17,2 million HTTP requests per second (rps), a rate the company described as almost three times higher than any previous volumetric DDoS ever recorded.
We are currently under DDoS and are working to mitigate. Requests reached> 7million / minute at our edge and declining.
- BitMEX (@BitMEX) August 22
Cloudflare also reported that although the attack peaked at 17,2 million rps, the attackers operated their botnet for hours on the same target. During this time the company had to absorb more than 330 million unsolicited HTTP requests.
The botnet operators did not stop after this initial attack. Cloudflare reported that the same botnet carried out others two large-scale attacks in the following weeks, and one of them peaked at 8 million rps, targeting a web hosting provider.
Cloudflare is currently monitoring the evolution of the botnet, which appears to have been created using a modified version of the known Mirai IoT malware.
Based on the IP addresses of the bots, Cloudflare reports that 15% of the attacker's traffic originates from Indonesia, a 17% of the malicious traffic from India and Brazil together.
For history the largest bandwidth DDoS attack ever recorded was at 2,3 terabyte per second (Tbps), which was recorded by Amazon Web Services in February 2020.