Wednesday, July 17, 2024
EHA

Cloudflare Recorded 17.2 Million Request-Per-Second (rps) – Largest HTTP DDoS Attack Ever Detected

Being a USA-based web infrastructure and website security company, Cloudflare works for other companies managing connections to servers and web pages. Recently, Cloudflare has claimed that it has mitigated one of the largest DDoS attacks in history that involve more than 17.2 million Request-Per-Second (rps).

Cloudflare works very efficiently, soon after detecting this large HTTP DDoS attack, it manages to mitigate exactly what has happened in this attack. 

According to the report of Cloudflare, this HTTP DDoS attack took place last month and it had targeted one of Cloudflare’s financial customers.

There was an unknown threat actor that used a botnet of 28,000 infected devices to forward the HTTP requests to the client’s network.

Automated DDoS mitigation with autonomous edge

This largest HTTP DDoS attack was automatically identified as well as mitigated by the self-sufficient DDoS protection systems of Cloudflare. There is no doubt that Cloudflare has a system that is quite powerful as it has its own denial of service daemon (dosd). 

Cloudflare is a versatile security company, and it has a DOSD service that is a home-grown software and it is generally determined as a daemon. 

There are many interesting facts about this system, however, a unique DOSD case operates in every server and in every data centers around the world. 

The main work of the DOSD service is to analyzes traffic samples that come across the operation. Traffic is quite essential to record, that’s why analyzing traffic out-of-path enables to scan asynchronously for DDoS attacks without creating latency and affecting the execution. 

Revival of Mirai and new powerful botnets

This HTTP DDoS attack was initiated with a very powerful botnet, and in seconds, the botnet attacked the Cloudflare edge security system with nearly 330 million attack requests.

The experts of Cloudflare, pronounced a brief note regarding this attack, as to affirm that the traffic of this attack has dawned from more than 20,000 bots in 125 countries all over the world.

Moreover, the bots clearly asserted that 15% of the attack has been initiated from Indonesia and 17% from India and Brazil. Not only this but the experts also claimed that the attack also indicates that in those countries there might be several malware devices that are affected by this attack.

How to protect?

After detecting this huge attack, the security analysts of Cloudflare has declared that how the customers can protect themselves from this kind of attack, and that’s why we have listed the points below:-

  • Initially to protect the Internet properties, onboard to Cloudflare.
  • The analyst said that DoS is permitted, thus the customers can also customize the security settings.
  • To keep yourself safe, ask your upstream Internet Service Provider (ISP) to implement an access control list (ACL), in case you don’t then the threat actor might target your servers’ IP addresses immediately.
  • Moreover, customers can also change the default username as well as the password of any device that is attached to the Internet. Doing this will help to reduce the risk of the attack.
  • The customers need to protect their homes against malware with “Cloudflare for Families,” as it is a free service that blocks the traffic from your home to malicious websites as well as malware communication.

Apart from all this, Cloudflare is continuously tracking the growth of this botnet, as it resembles to be a transformed version of the well-known IoT malware Mirai.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates

Website

Latest articles

Volcano Demon Group Attacking Organizations With LukaLocker Ransomware

The Volcano Demon group has been discovered spreading a new ransomware called LukaLocker, which...

Resonance Security Launches Harmony to Monitor and Detect Threats to Web2 and Web3 Apps

Quick take:Harmony is the fourth cybersecurity application Resonance developed to address the disconnect in...

Beware! of New Phishing Tactics Mimic as HR Attacking Employees

Phishing attacks are becoming increasingly sophisticated, and the latest strategy targeting employees highlights this...

MirrorFace Attacking Organizations Exploiting Vulnerabilities In Internet-Facing Assets

MirrorFace threat actors have been targeting media, political organizations, and academic institutions since 2022,...

HardBit Ransomware Using Passphrase Protection To Evade Detection

In 2022, HardBit Ransomware emerged as version 4.0. Unlike typical ransomware groups, this ransomware...

New Poco RAT Weaponizing 7zip Files Using Google Drive

The hackers weaponize 7zip files to pass through security measures and deliver malware effectively.These...

New ShadowRoot Ransomware Attacking Business Via Weaponized PDF’s

X-Labs identified basic ransomware targeting Turkish businesses, delivered via PDF attachments in suspicious emails...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles