Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Hosting Provider OVH Hit by 1 Tbps DDoS Attack

OVH, one of the world’s largest hosting companies, reported on Thursday that its systems were hit by distributed denial-of-service (DDoS) attacks that reached nearly one terabit per second (Tbps).

OVH, one of the world’s largest hosting companies, reported on Thursday that its systems were hit by distributed denial-of-service (DDoS) attacks that reached nearly one terabit per second (Tbps).

Octave Klaba, the founder and CTO of OVH, revealed on Twitter that the company detected a “lot of huge DDoS” in the past days. A screenshot posted by Klaba shows multiple attacks that exceed 100 Gbps, including simultaneous attacks that totaled nearly 1 Tbps. The largest single attack recorded by OVH peaked at 799 Gbps and 93 MMps.

This is not the only major DDoS attack reported in recent days. Earlier this week, investigative cybercrime journalist Brian Krebs said his blog, KrebsOnSecurity.com, had been targeted in an attack that peaked at 665 Gbps. While it hasn’t been confirmed, some evidence suggests that the attack was carried out in retaliation to a recent blog post exposing the operators of a booter service called vDOS.

The attack was mitigated by Akamai, but the attackers did not give up and Krebs said the company decided to stop providing DDoS protection services. As a result, the journalist has taken his website offline until he finds a new provider.

He pointed out that Akamai had been providing service at no cost. Before this attack, the largest DDoS attack mitigated by the company measured only 336 Gbps.

CloudFlare is confident it can help and it has already offered its services to Krebs. The company’s founder and CEO, Matthew Prince, said they had seen this type of attack before.

Krebs said the attack on his website appears to have been powered almost exclusively by a very large botnet of compromised IoT devices, such as webcams and routers, and no amplification has been used. The expert suggested the same “cannon” has also been tested against OVH and other organizations.

Before the attack that hit Krebs’ website, the largest reported attack, launched by anti-ISIS hackers against BBC websites, peaked at 600 Gbps. However, the magnitude of the attack could not be confirmed.

The largest DDoS attacks recently confirmed by security firms reached 500 Gbps (Arbor Networks) and 470 Gbps (Imperva Incapsula).

Related Reading: “Armada Collective” DDoS Threats Strike Again

Related Reading: Record Number of 100+ Gbps DDoS Attacks Hit in Q1 2016

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.