Web protection company Cloudflare over the weekend mitigated a record-setting distributed denial-of-service (DDoS) attack that peaked at 71 million requests per second (RPS).
The assault, the company says, was the largest HTTP DDoS attack on record, but was not the only one observed this past weekend.
In fact, Cloudflare identified and mitigated dozens of DDoS attacks at the end of last week, most of which peaked between 50-70 million RPS.
The wave of assaults was far higher than previously recorded HTTP DDoS attacks. The largest was 35% higher than a 46 million RPS DDoS attack seen by Google in June 2022.
“The attacks were HTTP/2-based and targeted websites protected by Cloudflare. They originated from over 30,000 IP addresses,” Cloudflare says.
HTTP DDoS attacks consist of large amounts of HTTP requests directed at the targeted website. If the number of requests is high enough, the server is no longer able to process them, and the website becomes unresponsive.
Originating from multiple cloud providers, the DDoS attacks targeted the websites of cryptocurrency firms, cloud computing platforms, a gaming provider, and hosting providers.
According to Cloudflare, the attacks do not appear to be related to the Killnet DDoS campaign that targeted healthcare providers two weeks ago, nor to the US Super Bowl gaming event that took place this weekend.
The company notes that the frequency, size, and sophistication of DDoS attacks has been constantly increasing over the past years. The number of HTTP DDoS attacks observed in 2022 almost doubled compared to 2021.
Last week, the Tor Project revealed that the Tor network had been under constant DDoS pressure for seven months, with some of the attacks preventing users from accessing websites.
Related: Pro-Russian Group DDoS-ing Governments, Critical Infrastructure in Ukraine, NATO Countries
Related: Zerobot IoT Botnet Adds More Exploits, DDoS Capabilities
Related: US Charges Six in Operation Targeting 48 DDoS-for-Hire Websites

More from Ionut Arghire
- Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager
- Zoom Paid Out $3.9 Million in Bug Bounties in 2022
- Malicious NuGet Packages Used to Target .NET Developers
- Google Pixel Vulnerability Allows Recovery of Cropped Screenshots
- Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes
- NBA Notifying Individuals of Data Breach at Mailing Services Provider
- Adobe Acrobat Sign Abused to Distribute Malware
- Latitude Financial Services Data Breach Impacts 300,000 Customers
Latest News
- Google Suspends Chinese Shopping App Amid Security Concerns
- Verosint Launches Account Fraud Detection and Prevention Platform
- Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager
- Zoom Paid Out $3.9 Million in Bug Bounties in 2022
- Oleria Scores $8M Seed Funding for ID Authentication Technology
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- News Analysis: UK Commits $3 Billion to Support National Quantum Strategy
- Malicious NuGet Packages Used to Target .NET Developers
