Cloudflare says it has stopped a distributed denial-of-service (DDoS) attack that peaked at just under 2 Tbps, making it the largest ever recorded.
The internet company said in a blog post that the attack was launched from approximately 15,000 bots running a version of the original Mirai code on exploited Internet of Things (IoT) devices and unpatched GitLab instances.
The DDoS attack comes just two weeks after Rapid7 warned of a GitLab vulnerability, rated a perfect 10.0 on the CVSS severity scale, which can be used to let an attacker remotely run code, such as botnet malware, on an affected server. Rapid7 found that at least half of the 60,000 Internet-facing GitLab instances are unpatched, and warned that “exploits are expected to increase” as details of the bug become public.
The company was not wrong; Cloudflare said it stopped the massive DDoS attack just a week later. From its analysis of the attack, Cloudflare believes it was a multi-vector attack that combined DNS amplification attacks with UDP floods.
Cloudflare says the attack, which lasted less than a minute, was the biggest ever. This comes just a month after Microsoft mitigated a “record-breaking” 2.4 Tbps DDoS attack targeting one of its Azure customers in Europe.
While Cloudflare stopped the attack in seconds, it warns that it has seen several terabit-strong DDoS attacks in the past month, adding that this is unlikely to be a trend that slows down any time soon.
“Another key finding from our Q3 DDoS trend report was that network-layer DDoS attacks actually increased by 44% quarter-over-quarter,” said Omer Yoachimik, Product Manager for Cloudflare. “While the fourth quarter is not over yet, we have again seen several terabit-strong attacks targeting Cloudflare customers.”
Rapid7 urges GitLab users to get the latest version of GitLab as soon as possible. “Also, ideally, GitLab should not be an Internet-facing service,” the company said. “If you need to access your GitLab from the Internet, consider putting it behind a VPN.”