Distributed Denial of Service (DDoS) attacks just keep getting bigger, with Akamai claiming to have mitigated an 853.7 Gbps (gigabits per second) and 659.6 Mpps (million packets per second) attack against a company in Eastern Europe.
The attack breaks the previous record (itself established only a month and a half ago). Although it's standard practice not to disclose victims' names, given that it's Eastern Europe, it's safe to assume this has something to do with the war in Ukraine.
Akamai says this particular target has been under a barrage of DDoS attacks in the last 30 days, with this specific attack occurring on July 21 and the high note coming 14 hours in.
Multiple attack vectors
Akamai did not say who the perpetrators might have been, but it did say that whoever it was operates a “highly sophisticated global botnet” of compromised endpoints. It also said that the attack targeted multiple IP addresses, and that the victim company suffered 75 attacks in the past month.
The threat actor used User Datagram Protocol (UDP) flood as its main attack vector, but it also leveraged UDP fragmentation, ICMP flood, RESET flood, SYN requests flood, TCP anomaly, TCP fragment, PSH ACK flood, FIN push flood, and PUSH flood.
Botnets have been getting increasingly powerful, as threat actors successfully compromise servers, data centers, and virtual machines alike. In June, Cloudflare said it mitigated what was then the largest DDoS attack ever, peaking at 26 million requests per second (RPS). In total, roughly 5,000 devices were used for the attack, with each endpoint generating roughly 5,200 RPS at peak.
Thirty seconds into the attack, the botnet generated more than 212 million HTTPS requests from more than 1,500 networks, located in 121 countries. Most requests came from Indonesia, the US, Brazil, and Russia. Some 3% of the attack came through Tor nodes.
Via: BleepingComputer