Stories
Slash Boxes
Comments

SoylentNews is people

posted by hubie on Sunday June 19 2022, @08:41AM   Printer-friendly
from the big-things-in-little-packages dept.

Hackers just launched the largest HTTPS DDoS attack in history:

The largest ​​HTTPS distributed denial-of-service (DDoS) attack in history materialized last week, Cloudflare has confirmed.

As reported by Bleeping Computer, the company revealed that it recorded a 26 million requests per second distributed denial-of-service (DDoS) attack.

It should be stressed that this is an HTTPS-based DDoS attempt as opposed to the more traditional, standard DDoS attacks. In any case, the intended target was a Cloudflare client utilizing the service's Free plan.

[...] Interestingly, ​​whoever was behind the attack managed to concentrate all its firepower with a botnet of 5,067 devices, which is a relatively small number considering the scale of the assault. Every single device was capable of delivering around 5,200 requests per second (rps) at its peak.

[...] Specifically, the botnet that was put to work in the unprecedented 26 million rps DDoS attack managed to deliver over an astronomical 212 million HTTPS requests within a period of just 30 seconds. This was achieved due to requests stemming from more than 1,500 networks located in 121 countries around the globe.

Tsunami of junk traffic that broke DDoS records delivered by tiniest of botnets:

The DDoS delivered 26 million HTTPS requests per second, breaking the previous record of 15.3 million requests for that protocol set only seven weeks ago, Cloudflare Product Manager ​​Omer Yoachimik reported. Unlike more common DDoS payloads such as HTTP, SYN, or SYN-ACK packets, malicious HTTPS requests require considerably more computing resources for the attacker to deliver and for the defender or victim to absorb.

[Cloudflare Product Manager ​​Omer] Yoachimik wrote:

The 26M rps DDoS attack originated from a small but powerful botnet of 5,067 devices. On average, each node generated approximately 5,200 rps at peak. To contrast the size of this botnet, we've been tracking another much larger but less powerful botnet of over 730,000 devices. The latter, larger botnet wasn't able to generate more than one million requests per second, i.e. roughly 1.3 requests per second on average per device. Putting it plainly, this botnet was, on average, 4,000 times stronger due to its use of virtual machines and servers.

[...] The Cloudflare product manager said that his company automatically detected and mitigated the attack against the customer, which was using Cloudflare's free service.

See also:
    Cloudflare Just Mitigated One of the Most Powerful DDoS Attacks Ever
    Microsoft Azure Customer Hit by Largest 3.47 Tbps DDoS Attack
    Microsoft Azure Fends Off Huge DDoS Attack


Original Submission #1Original Submission #2

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by driverless on Sunday June 19 2022, @12:24PM

    by driverless (4770) on Sunday June 19 2022, @12:24PM (#1254379)

    Yeah, Google is really gonna provide you the answer to this one...

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2