Cloudflare Battles 2 Tbps DDoS Attack Launched by Mirai Botnet

Web security services provider Cloudflare says it mitigated a distributed denial-of-service (DDoS) attack that peaked at almost 2 terabytes per second (Tbps).

The multi-vector assault was launched by a botnet of approximately 15,000 machines infected with a variant of the original Mirai malware. The bots included Internet of Things (IoT) devices and GitLab instances, Cloudflare said in a new report.

GitLab instances ensnared into the botnet are affected by CVE-2021-22205, a critical (CVSS score of 10) vulnerability that was patched more than six months ago, but which continues to expose tens of thousands of systems.

The 2 Tbps DDoS attack only lasted one minute. The assault combined DNS amplification and UDP floods, company said.

[ READ: ‘BotenaGo’ Malware Targets Routers, IoT Devices with Over 30 Exploits ]

Cloudflare notes that it observed an overall increase  in the number of terabit-strong DDoS attacks over the last quarter, and that network-layer incidents were up 44% quarter-over-quarter.

The trends appear to continue into the fourth quarter of the year as well, with multiple terabit-strong attacks already hitting Cloudflare’s infrastructure.

In August, the web protection firm said it observed a Mirai-variant botnet launching multiple 1Tbps attacks, some peaking at 1.2 Tbps.

Last month, Microsoft said in August it mitigated a massive 2.4 Tbps assault originating from 70,000 sources worldwide. Last year, Amazon and Google said they mitigated 2.3 Tbps and 2.5 Tbps DDoS attacks, respectively.

Related: Operator of ‘DownThem’ DDoS Attack Service Convicted

Related: Mēris Botnet Flexes Muscles With 22 Million RPS DDoS Attack

Related: Organizations Warned: STUN Servers Increasingly Abused for DDoS Attacks