A crypto platform has been hit by one of the most powerful DDoS attacks ever

The assault was sent through HTTPS, putting extra burden on the target and implying that attackers are becoming more powerful.

According to Cloudflare, a cryptocurrency platform was recently subjected to one of the worst distributed denial of service assaults ever recorded, when threat actors attacked it with 15.3 million requests.

DDoS assaults may be quantified in a variety of ways, including the amount of data transferred, the number of packets delivered per second, and the number of requests submitted per second. Volumetric DDoS attacks, which seek to devour all bandwidth available to the target, have set new records of 3.4 terabits per second, 809 million packets per second, and 17.2 million requests per second. The power of application-layer assaults, which aim to deplete the computational resources of a target's infrastructure, is measured in the last two records.

The latest DDoS mitigation by Cloudflare reached a peak of 15.3 million requests per second. The assault may have been more potent than the record since it was transmitted over HTTPS requests rather than the HTTP queries used in the record. This new attack has the potential to put a lot greater burden on the target because HTTPS queries are significantly more compute-intensive.

The amount of resources needed to deliver the HTTPS request flood was also higher, demonstrating that DDoSers are becoming more powerful. According to Cloudflare, the botnet responsible for the attack, which consists of over 6,000 bots, has sent payloads as high as 10 million requests per second. The attack was launched by 112 nations, with Indonesia providing around 15% of the firepower, followed by Russia, Brazil, India, Colombia, and the United States.

"The assault originated from over 1,300 separate networks within those nations," Cloudflare researchers Omer Yoachimik and Julien Desgats stated. As DDoSers migrate away from residential network ISPs to cloud computing ISPs, they asserted the flow of traffic was primarily coming from data centers. Hetzner Online (Autonomous System Number 24940), Azteca Comunicaciones Colombia (ASN 262186), and OVH in France were among the top data center networks engaged (ASN 16276). Routers in homes and small offices were also used as sources.

"In this case, the attacker was exploiting hacked cloud hosting providers' servers, some of which seemed to be running Java-based apps." This is noteworthy since a vulnerability (CVE-2022-21449) was recently discovered that may be leveraged to overcome authentication in a wide range of Java-based apps," Patrick Donahue, Cloudflare's VP of product, stated in an email. "A large number of MikroTik routers were also exploited in the assault, most likely leveraging the same vulnerability as the Meris botnet."

The assault lasted around 15 seconds. Cloudflare remedied the problem by deploying technologies throughout its network of data centers that identify traffic surges and promptly filter out the origins. Cloudflare didn't reveal who the target was, just that it ran a crypto launchpad, a site that helps decentralized financing initiatives be funded.

The figures highlight the arms race between attackers and defenders, with one trying to outdo the other. It's not out of the question that a new record will be established in the following months.


Related Video:

** Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of USA GAG nor its advertisers. The author will not be held responsible for information that is found at the end of links posted on this page.

Follow us on Google News