Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps
#1
https://www.bleepingcomputer.com/news/se...at-38tbps/    Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps
By Ionut Ilascu
October 3, 2024 12:11 PM 0      During a distributed denial-of-service campaign targeting organizations in the financial services, internet, and telecommunications sectors, volumetric attacks peaked at 3.8 terabits per second, the largest publicly recorded to date. The assault consisted of a “month-long” barrage of more than 100 hyper-volumetric DDoS attacks flooding the network infrastructure with garbage data.

In a volumetric DDoS attack, the target is overwhelmed with large amounts of data to the point that they consume the bandwidth or exhaust the resources of applications and devices, leaving legitimate users with no access.

Asus routers, MikroTik devices, DVRs, and web servers
Many of the attacks aimed at the target’s network infrastructure (network and transport layers L3/4) exceeded two billion packets per second (pps) and three terabits per second (Tbps).

According to researchers at internet infrastructure company Cloudflare, the infected devices were spread across the globe but many of them were located in Russia, Vietnam, the U.S., Brazil, and Spain.

Origin of the 3.8 DDoS attack
DDoS packets delivered from all over the world
source: Cloudflare
The threat actor behind the campaign leveraged multiple types of compromised devices, which included a large number of Asus home routers, Mikrotik systems, DVRs, and web servers.

Cloudflare mitigated all the DDoS attacks autonomously and noted that the one peaking at 3.8 Tbps lasted 65 seconds.

Largest volumetric DDoS attack peaked at 3.8Tbps
Largest publicly recorded volumetric DDoS attack peaking at 3.8Tbps
The researchers say that the network of malicious devices used mainly the User Datagram Protocol (UDP) on a fixed port, a protocol with fast data transfers but which does not require establishing a formal connection.

Previously, Microsoft held the record for defending against the largest volumetric DDoS attack of 3.47 Tbps, which targeted an Azure customer in Asia.

Typically, threat actors launching DDoS attacks rely on large networks of infected devices (botnets) or look for ways to amplify the delivered data at the target, which requires a smaller number of systems.

In a report this week, cloud computing company Akamai confirmed that the recently disclosed CUPS vulnerabilities in Linux could be a viable vector for DDoS attacks.

After scanning the public internet for systems vulnerable to CUPS, Akamai found that more than 58,000 were exposed to DDoS attacks from exploiting the Linux security issue.

More testing revealed that hundreds of vulnerable “CUPS servers will beacon back repeatedly after receiving the initial requests, with some of them appearing to do it endlessly in response to HTTP/404 responses.”

These servers sent thousands of requests to Akamai’s testing systems, showing significant potential for amplification from exploiting the CUPS flaws.   
AVG Online Security
bleepingcomputer.com
Everything looks good!
We’re constantly scanning the web and haven’t found anything bad here that’s trying to get your info.


Attached Files Thumbnail(s)
           
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Russia Had Access for Months to Ukraine's Largest Telecom Operator Before Attacking mrtrout 0 2,162 01-07-2024 , 06:36 AM
Last Post: mrtrout
  Cloudflare is now powering Microsoft Edge Secure Network mrtrout 0 633 09-30-2023 , 03:06 AM
Last Post: mrtrout
  (Kaspersky ) Top 10 countries with the largest number of threats of selected type mrtrout 0 932 02-04-2023 , 05:43 AM
Last Post: mrtrout
  Cloudflare report highlights devastating DDoS attacks on VoIP services mrtrout 0 954 11-06-2021 , 09:08 PM
Last Post: mrtrout
  DDoS attacks hit multiple email providers mrtrout 0 1,317 10-23-2021 , 09:03 AM
Last Post: mrtrout



Users browsing this thread: 1 Guest(s)