Cybercrime

Small Botnet Launches Record-Breaking 26 Million RPS DDoS Attack

Security and web performance services provider Cloudflare this week announced that it has mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 26 million requests-per-second (RPS).

Ionut Arghire

June 15, 2022

Considered the largest HTTPS DDoS attack on record, the assault was launched by a botnet of roughly 5,000 devices.

According to Cloudflare, the attack originated mostly from cloud service providers instead of residential internet services providers, which explains its size and suggests that hijacked virtual machines and powerful servers were abused during the assault.

“On average, each node generated approximately 5,200 RPS at peak,” the web protection company notes.

The attack should also be seen as evidence of the power that hijacked cloud resources provide when compared to much weaker consumer devices such as Internet of Things (IoT) products.

For comparison, a botnet of 730,000 devices was observed generating roughly 1 million RPS, which makes the botnet behind the 26 million RPS DDoS attack 4,000 times stronger.

Within roughly 30 seconds, the botnet generated over 212 million HTTPS requests originating from more than 1,500 networks located in 121 countries. Indonesia, the United States, Brazil, and Russia were the top source countries, with the French OVH, the Indonesian Telkomnet, the US-based iboss and the Libyan Ajeel being the top source networks.

Advertisement. Scroll to continue reading.

Record HTTPS RPS DDoS attack

“Worth noting that this attack was over HTTPS. HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection,” Cloudflare notes.

DDoS attacks conducted over encrypted connections cost more for both the attacker and the victim.

The attack came roughly two months after a Cloudflare client was targeted in a 15.3 million RPS HTTPS DDoS attack. In August 2021, the company mitigated a 17.2 million RPS attack that was conducted over HTTP.

Written By Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Latest News

Click to comment

Virtual Event: Threat Detection and Incident Response Summit

Wednesday, May 24, 2023

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Virtual Event: CISO Forum Virtual Summit

June 13-14, 2023

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Security Pros: Before You Do Anything, Understand Your Threat Landscape

Regardless of the use case your security organization is focused on, you’ll likely waste time and resources and make poor decisions if you don’t start with understanding your threat landscape. (Marc Solomon)

Today’s Cyber Defense Challenges: Complexity and a False Sense of Security

Industry standard frameworks and guidelines often lead organizations to believe that deploying more security solutions will result in greater protection against threats. (Torsten George)

Cutting Through the Noise: What is Zero Trust Security?

With proactive steps to move toward Zero Trust, technology leaders can leverage an old, yet new, idea that must become the security norm. (Marie Hattar)

Triple Threat: Insecure Economy, Cybercrime Recruitment and Insider Threats

A wave of layoffs, coupled with increased recruitment efforts by cybercriminals, could create the perfect conditions for insider threats to flourish (Derek Manky)

This New Era of Security Requires Secure Networking, Vendor Consolidation, and Focus on OT

The convergence of networking and security, the consolidation of technology vendors, and a focus on OT security are essential underpinnings of any organization's success. (John Maddison)

Cybercrime

Cyber Insights 2023 | Ransomware

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Kevin TownsendFebruary 2, 2023

Cybercrime

Neiman Marcus Says Hackers Breached Customer Accounts

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Eduard KovacsFebruary 2, 2016

Cybercrime

Cyber Insights 2023 | The Coming of Web3

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Kevin TownsendFebruary 6, 2023

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Eduard KovacsOctober 1, 2019

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Eduard KovacsMarch 1, 2023

Cybercrime

Zendesk Hacked After Employees Fall for Phishing Attack

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Eduard KovacsJanuary 24, 2023

Artificial Intelligence

Malicious Prompt Engineering With ChatGPT

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Kevin TownsendJanuary 25, 2023

Artificial Intelligence

Cyber Insights 2023 | Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

Kevin TownsendJanuary 31, 2023

SECURITYWEEK NETWORK:

ICS:

SecurityWeek

Cybercrime

Small Botnet Launches Record-Breaking 26 Million RPS DDoS Attack

More from Ionut Arghire

Latest News

Virtual Event: Threat Detection and Incident Response Summit

Virtual Event: CISO Forum Virtual Summit

Expert Insights

Security Pros: Before You Do Anything, Understand Your Threat Landscape

Today’s Cyber Defense Challenges: Complexity and a False Sense of Security

Cutting Through the Noise: What is Zero Trust Security?

Triple Threat: Insecure Economy, Cybercrime Recruitment and Insider Threats

This New Era of Security Requires Secure Networking, Vendor Consolidation, and Focus on OT

Related Content

Cybercrime

Cyber Insights 2023 | Ransomware

Cybercrime

Neiman Marcus Says Hackers Breached Customer Accounts

Cybercrime

Cyber Insights 2023 | The Coming of Web3

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Cybercrime

Zendesk Hacked After Employees Fall for Phishing Attack

Artificial Intelligence

Malicious Prompt Engineering With ChatGPT

Artificial Intelligence

Cyber Insights 2023 | Artificial Intelligence

SECURITYWEEK NETWORK:

ICS:

More from Ionut Arghire

Latest News

Trending

Daily Briefing Newsletter

Virtual Event: Threat Detection and Incident Response Summit

Virtual Event: CISO Forum Virtual Summit

Expert Insights

Security Pros: Before You Do Anything, Understand Your Threat Landscape

Today’s Cyber Defense Challenges: Complexity and a False Sense of Security

Cutting Through the Noise: What is Zero Trust Security?

Triple Threat: Insecure Economy, Cybercrime Recruitment and Insider Threats

This New Era of Security Requires Secure Networking, Vendor Consolidation, and Focus on OT

Related Content

Cybercrime

Cyber Insights 2023 | Ransomware

Cybercrime

Neiman Marcus Says Hackers Breached Customer Accounts

Cybercrime

Cyber Insights 2023 | The Coming of Web3

Cybercrime

Comodo Forums Hacked via Recently Disclosed vBulletin Vulnerability

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Cybercrime

Zendesk Hacked After Employees Fall for Phishing Attack

Artificial Intelligence

Malicious Prompt Engineering With ChatGPT

Artificial Intelligence

Cyber Insights 2023 | Artificial Intelligence