Cloudflare mitigates record-breaking HTTPS DDoS attack

Gandalf_The_Grey

Level 76
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
6,696
Internet infrastructure firm Cloudflare said today that it mitigated a 26 million request per second distributed denial-of-service (DDoS) attack, the largest HTTPS DDoS attack detected to date.

The record-breaking attack occurred last week and targeted one of Cloudflare's customers using the Free plan.

The threat actor behind it likely used hijacked servers and virtual machines seeing that the attack originated from Cloud Service Providers instead of weaker Internet of Things (IoT) devices from compromised Residential Internet Service Providers.

According to Cloudflare, the attacker also used a rather small yet very powerful botnet of 5,067 devices, each capable of generating roughly 5,200 rps when peaking.

"To contrast the size of this botnet, we've been tracking another much larger but less powerful botnet of over 730,000 devices," revealed Cloudflare Product Manager Omer Yoachimik.

"The latter, larger botnet wasn't able to generate more than one million requests per second, i.e., roughly 1.3 requests per second on average per device. Putting it plainly, this botnet was, on average, 4,000 times stronger due to its use of virtual machines and servers.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top