A cryptocurrency platform recently fell victim to one of the largest distributed denial-of-service attacks ever recorded after attackers bombarded it with 15.3 million requests, content delivery network Cloudflare said.
DDoS attacks can be measured in several ways, including the amount of data, the number of packets, or the number of requests sent every second. The current records are 3.4 terabits per second for volumetric DDoS attacks, which attempt to use all the bandwidth available to the target, and 809 Mpps and 17.2 million requests per second. The last two records measure the power of application-layer attacks, which attempt to deplete the computing resources of the target's infrastructure.
The recent DDoS attack that Cloudflare mitigated peaked at 15.3 million requests per second. Although it did not set a record, the attack could have been more powerful, since it was carried out using HTTPS requests rather than the HTTP requests used in the record. Since HTTPS requests are much more computationally intensive, this new attack could significantly increase the load on the target.
The resources needed to deliver a stream of HTTPS requests were also larger, indicating that DDoS attacks are becoming more powerful. Cloudflare said that the botnet responsible, comprising about 6,000 bots, has delivered payloads of up to 10 million requests per second. The attack was launched from 112 countries, with about 15 percent of the firepower coming from Indonesia, followed by Russia, Brazil, India, Colombia and the United States.
“In these countries, the attack originated from more than 1,300 different networks,” Cloudflare researchers Omer Yoachimik and Julien Desgats wrote. They said the flow of traffic has mostly come from data centers as DDoS moves from home network ISPs to cloud computing ISPs. Among the leading data center networks involved were German provider Hetzner Online (AS number 24940), Azteca Comunicaciones Colombia (ASN 262186) and OVH in France (ASN 16276). Other sources included home and small office routers.
“In this case, the attacker used compromised servers of cloud hosting providers, some of which appeared to be running Java-based applications. This is notable due to the recent discovery of a vulnerability (CVE-2022-21449) that can be used to bypass authentication in a wide range of Java-based applications,” Patrick Donahue, Cloudflare’s VP of Product, wrote in an email. “We also saw that a significant number of MikroTik routers were used in the attack, which likely exploited the same vulnerability as the Meris botnet did.”
The attack lasted about 15 seconds. Cloudflare mitigated it using systems in its network of data centers that automatically detect bursts of traffic and quickly filter out the sources. Cloudflare did not name the target, other than to say that it operates a cryptocurrency startup platform used to fund decentralized finance projects.
The numbers highlight the arms race between attackers and defenders as each tries to outdo the other. It would not be surprising if a new record is set in the coming months.
This story originally appeared on Ars Technica.
Credit: www.wired.com