"The latest record-breaking attack peaked at 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps), and lasted only 40 seconds. The company said this hyper-volumetric DDoS attack, which was double in size compared to the previous record, was autonomously blocked by its systems. Cloudflare told SecurityWeek that the attack was aimed at a single IP address of an unnamed European network infrastructure company. Cloudflare has yet to determine who was behind the attack, but believes it may have been powered by the Aisuru botnet, which was also linked earlier this year to a massive 6.3 Tbps attack on the website of cybersecurity blogger Brian Krebs."
"Aisuru has been around for more than a year. The botnet is powered by hacked IoT devices such as routers and DVRs that have been compromised through the exploitation of known and zero-day vulnerabilities. According to Cloudflare, the 22 Tbps attack was traced to over 404,000 unique source IPs across over 14 ASNs worldwide. "Based on internal analysis using a proprietary system, the source IPs were not spoofed," the company explained. The security firm described it as a UDP carpet bomb attack targeting an average of 31,000 destination ports per second, with a peak of 47k ports, all of a single IP address."
Cloudflare blocked a hyper-volumetric DDoS that peaked at 22.2 Tbps and 10.6 billion pps and lasted 40 seconds. The attack targeted a single IP address belonging to an unnamed European network infrastructure company and was autonomously mitigated by Cloudflare systems. The attack likely involved the Aisuru botnet, which uses compromised IoT devices such as routers and DVRs via known and zero-day vulnerabilities. Traffic was traced to over 404,000 unique source IPs across 14+ ASNs and was characterized as a UDP carpet bomb hitting tens of thousands of destination ports per second.
Read at SecurityWeek
Unable to calculate read time
Collection
[
|
...
]