The famous web infrastructure company, Cloudflare , claims to have recently mitigated the largest DDoS attack (denial of service attack) in the history of the Internet, which is no small thing.
According to the American company, the attack was launched last July 2021 through the Mirai Botnet . It was aimed at an important client in the financial industry; whose identity will not be revealed for security reasons. Be that as it may, the DDoS attack perpetrated was volumetric, so the HTTP requests were intended to consume the target server’s CPU and RAM.
In this specific incident, the traffic originated from more than 20,000 bots in 125 countries around the world. It should be noted that almost 15% of the attack originated in Indonesia, followed by India, Brazil, Vietnam and Ukraine.
To put this in context and understand why this is the largest DDoS attack on record to date, Cloudflare has shown us official figures regarding legitimate traffic that is normally serving.
Cloudflare saves the day
In this sense, Cloudflare serves more than 25 million HTTP requests per second on average. In the second quarter of 2021 the average legitimate traffic rate was 25.0 million RPS (requests per second). Meanwhile, the attack peaked at 17.2 million RPS , representing 68% of the average RPS rate of legitimate HTTP traffic in Q2 2021.
The now second largest DDoS attack on record reached less than 8 million RPS, highlighting the scale of the new attack.
What do both attacks have in common? Well, both are based on Mirai, a malware that was first discovered in 2016 by MalwareMustDie. Malware spreads by infecting Linux-operated devices such as security cameras and routers. It then propagates itself by looking for open Telnet ports 23 and 2323, taking advantage of default credentials that no one bothers to change.
Once brute-force takes over, infected devices wait for a C2 server to instruct them which target to attack.
Be that as it may, this time Cloudflare saved the day, so they have the luxury of bragging, that while also warning of the growing risk of DDoS attacks from the Mirai botnet.