Wednesday, November 13, 2024
HomeComputer SecurityDDoS Attack Unleashed - 500 Million packets-per-second

DDoS Attack Unleashed – 500 Million packets-per-second

Published on

Malware protection

DDoS attacks are launched aiming to exhaust the resources of network, application or service so that the legitimate users unable to access the resource.

Imperva mitigated a high-intensity DDoS attack for one of their customers which crossed 500 million packets per second (Mpps) mark which 4 times higher than the DDo attack on Github happened last year. The Attack against Github peaked at 1.35Tbps via 126.9 million packets per second.

It’s not the amount of bandwidth that matters – “it’s the absolute number of packets directed at a network or web site. Packets per second are the true measure of the attack intensity,” reads Imperva report.

- Advertisement - SIEM as a Service

The targeted large syn flood attack originated from random source ports and IP address, the packers are highly randomized and spoofed.

Imperva confirms the attackers not used any special tools and used to common older ones, one tool for the syn attack and another one for a larger syn attack.

Both the mimic the packets coming from a legitimate operating system and both the tools having certain differences.

“One tool randomizes various parameters but accidentally malforms the packet. The other tool uses a legitimate, almost identical packet, for the entire attack.”

Nowadays, the process of organizing the attack is not complicated. There is no reason for writing special software for that when everything can be found online. A big percent of such software is sold on the darknet and has clear and simple instructions of use for its owners.

Services like webstresser[.]org allows anyone to launch DDoS attacks, DDoS-for-hire Service webstresser[.]org was seized by authorities on April 26, 2018, it is considered as one of the biggest marketplace for the DDOS and it has over 136,000 registered users and they conducted 4 million attacks.

As the services have been taken down, now the authorities tracking down the users enrolled for the DDoS-for-hire service. The users of DDoS-for-hire Services services are high risk.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Fortinet Patches Critical Flaws That Affected Multiple Products

Fortinet, a leading cybersecurity provider, has issued patches for several critical vulnerabilities impacting multiple...

China-Nexus Actors Hijack Websites to Deliver Cobalt Strike malware

A Chinese state-sponsored threat group, identified as TAG-112, has been discovered hijacking Tibetan community...

Chrome 131 Released with the Fix for Multiple Vulnerabilities

The Chrome team has officially announced the release of Chrome 131 for Windows, Mac,...

Ivanti Warns of Critical Vulnerabilities in Connect Secure, Policy Secure & Secure Access

Ivanti, the well-known provider of IT asset and service management solutions, has issued critical...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Fortinet Patches Critical Flaws That Affected Multiple Products

Fortinet, a leading cybersecurity provider, has issued patches for several critical vulnerabilities impacting multiple...

China-Nexus Actors Hijack Websites to Deliver Cobalt Strike malware

A Chinese state-sponsored threat group, identified as TAG-112, has been discovered hijacking Tibetan community...

Chrome 131 Released with the Fix for Multiple Vulnerabilities

The Chrome team has officially announced the release of Chrome 131 for Windows, Mac,...