The largest ever DDoS attack has just been blocked – here’s how it was done

The largest ever DDoS attack has just been blocked – here’s how it was done

Cloudflare has claimed to have recently mitigated the biggest Distributed Denial of Service (DDoS) attack in history.

In a company blog post, Cloudflare outlined how, throughout September 2024, an unnamed threat actor targeted multiple customers in the financial services, internet, and telecommunication industries, among others.

Without naming any specific targets, Cloudflare said that the attack campaign targeted bandwidth saturation, as well as resource exhaustion of in-line applications and devices.

Bots across the world

The attack included “over one hundred hyper-volumetric L3/4 DDoS attacks”, many of which exceeded 2 billion packets per second (Bpps), and 3 terabits per second (Tbps).

A hyper-volumetric L3/4 DDoS attack is a type of DDoS attack targeting layers 3 (network) and 4 (transport) of the OSI model (framework that standardizes network communication). It overwhelms the target’s bandwidth or network infrastructure with massive amounts of traffic, often using techniques like UDP floods or TCP SYN floods. The goal is to exhaust the resources of the target system, making it unavailable to legitimate users.

Of all the attacks, one stood out – when it peaked at 3.8 Tbps. This is, according to Cloudflare, “the largest ever disclosed publicly by any organization.” It predominantly leveraged UDP on a fixed port, the company said, and originated from across the globe. The majority of the endpoints used in the attack came from Vietnam, Russia, Brazil, Spain, and the US.

Detection and mitigation was all automatic, Cloudflare says. It added that the key reason why it was able to tackle it was because the company has servers across the world, which essentially water down incoming botnet traffic.

Generally, DDoS attacks are done via botnets – vast networks of compromised endpoints such as routers, smart home devices, and similar. These attacks included traffic from MikroTik devices, DVRs, and web servers, as well as compromised ASUS home routers, which were likely exploited using a CVE 9.8 (Critical) vulnerability that was recently discovered by Censys.

Before this one, the largest-ever observed DDoS attack was 3.47 Tbps strong, and was mitigated by Microsoft in November 2021.

Via PCMag

More from TechRadar Pro

administrator

Related Articles