Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Mirai Botnet Launched 2.5 Tbps DDoS Attack Against Minecraft Server

A Mirai botnet variant has launched a distributed denial-of-service (DDoS) attack that peaked at 2.5 terabytes per second (Tbps), according to Cloudflare, which described it as the largest attack it has seen in terms of bitrate.

A Mirai botnet variant has launched a distributed denial-of-service (DDoS) attack that peaked at 2.5 terabytes per second (Tbps), according to Cloudflare, which described it as the largest attack it has seen in terms of bitrate.

The attack was aimed at a Minecraft server named Wynncraft and it involved UDP and TCP floods. However, the web security firm said it mitigated the attack, preventing it from causing any disruption to the game.

While this may have been a record-breaking attack for Cloudflare, Microsoft last year observed an attack that peaked at 3.47 Tbps and another that reached 3.25 Tbps.

Cloudflare this year also saw an attack reaching 26 million requests per second (RPS). The attack was noteworthy particularly for the fact that it was powered by a small botnet of only 5,000 devices. However, in terms of RPS, Google saw the biggest attack known to date, which peaked at 46 million RPS.

“The entire 2.5 Tbps attack lasted about 2 minutes, and the peak of the 26M rps attack only 15 seconds,” Cloudflare explained. “This emphasizes the need for automated, always-on solutions. Security teams can’t respond quick enough. By the time the security engineer looks at the PagerDuty notification on their phone, the attack has subsided.”

Cloudflare reported seeing the massive attack aimed at the Minecraft server in its DDoS threat report for the third quarter of 2022. The company has seen longer-lasting volumetric attacks and a spike in attacks powered by variants of the Mirai botnet, with a quarter-over-quarter (QoQ) increase of 405%.

Cloudflare has seen an overall increase in attacks compared to last year, including application-layer, network-layer and ransom attacks.

The company has highlighted one attack vector for which it has seen a significant increase: BitTorrent. DDoS attacks abusing BitTorrent have increased by more than 1,200% QoQ.

Advertisement. Scroll to continue reading.

DDoS attacks have been making headlines in recent weeks, as a pro-Russia hacker group named Killnet has targeted major companies and various countries, including the United States, Estonia, and Lithuania.

Cybersecurity and application delivery company Radware this week published a report detailing Killnet’s DDoS attacks on US civilian and government systems.

Related: Mitel Devices Abused for DDoS Vector With Record-Breaking Amplification Ratio

Related: Cloudflare Customer Targeted in Record HTTPS DDoS Attack

Related: Akamai Sees Largest DDoS Extortion Attack Known to Date

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Tabitha Craig has been named the CISO of the Congressional Budget Office (CBO).

Life360 has appointed Vari Bindra, former Amazon cybersecurity lead, as Chief Information Security Officer.

Forcepoint has appointed Guy Shamilov as CISO, Bakshi Kohli as CTO and Naveen Palavalli as CPO and CMO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.