DDoS attack three times bigger than the largest to date recorded

Devata Rohan

August 20, 2021

The largest-ever volumetric DDoS attack to date has been recorded on Thursday by web infrastructure and website security company Cloudflare. The attacker has bombarded the Cloudflare edge with over 330 million requests at a speed of 17.2 million requests per second, making the attack three times larger than the previously reported most significant attack(HTTP DDoS attacks). The attacker has made this feat possible by using a Miraj botnet. These volumetric DDoS attacks are specially designed to focus/target a specific network to overwhelm its bandwidth capacity and cause as much operational disruption as possible by utilizing reflective amplification techniques. Originating from a network of malware-infected systems enables threat actors to co-opt the machines into a botnet, generating an influx of junk traffic directed against the victim. An interesting thing about this attack is that the traffic originated from 20,000 bots from 125 countries with nearly more than 15% of attack happening from Indonesia and the rest followed by India, Ukraine, Brazil, and Vietnam. Similar attacks have been recorded in recent times, making the attack not the last one and the Cloudflare noted that all these happened from the same Miraj Botnet, lowering its strike rate to less than 8 million rps. Miraj Botnet has also launched DDoS attacks using UDP and TCP that peaked multiple times above 1Tbps on a gaming company and some telecommunication services. Even the impact of the attacks is small. Still, we see many of them these days, making the companies take extra measures regarding this. It is vital to note that these attacks are hazardous for organizations without always-on cloud-based protection.

Abridged fromET CISO