Thursday, March 28, 2024

Cloudflare Recorded 17.2 Million Request-Per-Second (rps) – Largest HTTP DDoS Attack Ever Detected

Being a USA-based web infrastructure and website security company, Cloudflare works for other companies managing connections to servers and web pages. Recently, Cloudflare has claimed that it has mitigated one of the largest DDoS attacks in history that involve more than 17.2 million Request-Per-Second (rps).

Cloudflare works very efficiently, soon after detecting this large HTTP DDoS attack, it manages to mitigate exactly what has happened in this attack. 

According to the report of Cloudflare, this HTTP DDoS attack took place last month and it had targeted one of Cloudflare’s financial customers.

There was an unknown threat actor that used a botnet of 28,000 infected devices to forward the HTTP requests to the client’s network.

Automated DDoS mitigation with autonomous edge

This largest HTTP DDoS attack was automatically identified as well as mitigated by the self-sufficient DDoS protection systems of Cloudflare. There is no doubt that Cloudflare has a system that is quite powerful as it has its own denial of service daemon (dosd). 

Cloudflare is a versatile security company, and it has a DOSD service that is a home-grown software and it is generally determined as a daemon. 

There are many interesting facts about this system, however, a unique DOSD case operates in every server and in every data centers around the world. 

The main work of the DOSD service is to analyzes traffic samples that come across the operation. Traffic is quite essential to record, that’s why analyzing traffic out-of-path enables to scan asynchronously for DDoS attacks without creating latency and affecting the execution. 

Revival of Mirai and new powerful botnets

This HTTP DDoS attack was initiated with a very powerful botnet, and in seconds, the botnet attacked the Cloudflare edge security system with nearly 330 million attack requests.

The experts of Cloudflare, pronounced a brief note regarding this attack, as to affirm that the traffic of this attack has dawned from more than 20,000 bots in 125 countries all over the world.

Moreover, the bots clearly asserted that 15% of the attack has been initiated from Indonesia and 17% from India and Brazil. Not only this but the experts also claimed that the attack also indicates that in those countries there might be several malware devices that are affected by this attack.

How to protect?

After detecting this huge attack, the security analysts of Cloudflare has declared that how the customers can protect themselves from this kind of attack, and that’s why we have listed the points below:-

  • Initially to protect the Internet properties, onboard to Cloudflare.
  • The analyst said that DoS is permitted, thus the customers can also customize the security settings.
  • To keep yourself safe, ask your upstream Internet Service Provider (ISP) to implement an access control list (ACL), in case you don’t then the threat actor might target your servers’ IP addresses immediately.
  • Moreover, customers can also change the default username as well as the password of any device that is attached to the Internet. Doing this will help to reduce the risk of the attack.
  • The customers need to protect their homes against malware with “Cloudflare for Families,” as it is a free service that blocks the traffic from your home to malicious websites as well as malware communication.

Apart from all this, Cloudflare is continuously tracking the growth of this botnet, as it resembles to be a transformed version of the well-known IoT malware Mirai.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates

Website

Latest articles

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles