Record-breaking number of record-breaking DDoS attacks confirmed • The Register

/in


Dozens of companies over the weekend were hit by distributed denial-of-service (DDoS) attacks, including the largest one yet recorded, or so Cloudflare says.

That record-breaking HTTP/2-based DDoS tsunami soared to more than 71 million requests-per-second, more than the previous record of 46 million rps blocked by Google in June 2022. It’s just record after record being broken, huh. Most of the other network flooding over the weekend peaked at between 50 million and 70 million rps.

The attacks, according to Cloudflare, originated from more than 30,000 IP addresses and targeted such businesses as gaming providers, hosting providers, cloud computing platforms, and cryptocurrency companies.

They also continued a growing trend of network traffic originating from cloud providers rather than residential ISPs, the more typical tools used by DDoS attackers who tend to roll IoT devices and home gateways into botnets.

“Over the past year, we’ve seen more attacks originate from cloud computing providers, Cloudflare researchers wrote in a report, adding that the network traffic used in the attacks over the weekend came from “numerous cloud providers.”

Given the increasing number of DDoS attacks coming from cloud providers, Cloudflare is trialing – what convenient timing – a free botnet threat feed to monitor attacks. Those interested in can sign up here to join the early access waiting list.

Script kiddies going for pay-to-play, for us all

HTTP DDoS attacks overwhelm websites with bogus traffic, and they’re efficient and inexpensive for miscreants to run.

The larger the botnet, the larger an attack can be. And DDoS-as-a-service platforms make it even easier and cheaper for cybercriminals to launch an attack, removing the time and cost of building a botnet by offering the platform for as little as $30 a month, Cloudflare said.

DDoS attacks are also increasingly lucrative, with crooks demanding payment from victims in return for shutting off the flood of traffic. According to Cloudflare, in the fourth quarter 2022, 16 percent of victims said they were targeted by ransom DDoS attacks, compared with 10 percent in Q1 2022.

Cloudflare said the weekend incidents from unknown…

Source…