
Google just thwarted the largest HTTPS DDoS attack in history

Google has confirmed that one of its cloud customers was targeted with the largest HTTPS distributed denial-of-service (DDoS) attack ever reported.

As reported by Bleeping Computer, a Cloud Armor client was on the receiving end of an attack that totaled 46 million requests per second (RPS) at its peak.


That figure makes it the largest such attack in history: it’s more than double the previous record holder (up by nearly 80%, to be exact), a 26 million RPS attempt blocked by Cloudflare during June.

The latest incident commenced on June 1, initially directing 10,000 RPS toward the HTTP/S Load Balancer. Within eight minutes, that number increased tenfold to 100,000 RPS, triggering Google’s Cloud Armor Protection, which created an alert derived from traffic analysis data.

Once the ten-minute mark was reached, an unprecedented 46 million requests per second were being sent toward the victim.

These numbers may not mean much to those who aren’t familiar with the nature of HTTPS DDoS attacks, but for reference, Google stated that it was equal to receiving all daily requests Wikipedia receives in the span of 10 seconds.

With the target applying Cloud Armor’s recommended rule for this situation, its operations were able to continue without being affected.


The flood of traffic directed at the cloud service lasted for more than an hour. “Presumably the attacker likely determined they were not having the desired impact while incurring significant expenses to execute the attack,” Google said in its report.

Researchers from Google detailed that traffic from the HTTPS DDoS incident was delivered via 5,256 IP addresses situated across 132 countries. And it wasn’t carried out by an amateur; due to the use of encrypted requests (HTTPS), devices involved in the operation could theoretically have been backed by powerful computing resources.

As for the specific type of malware connected to the attack, Google was unable to identify an exact name. That said, analyzing where the onslaught emerged from indicates the involvement of Mēris, which is a botnet behind two previous DDoS record holders (17.2 million RPS and 21.8 million RPS, respectively).

Prior to Google’s report on the new record, the largest HTTPS DDoS attack in history, achieved via a botnet of 5,067 devices, was recorded by DDoS mitigation company Cloudflare.

DDoS assaults in general are on the rise, with Cloudflare reporting a 175% increase in such incidents during the fourth quarter of 2021 alone. Microsoft itself managed to prevent the largest DDoS attack ever (not to be confused with HTTPS DDoS), which reached 3.47 terabits per second.


Hackers just launched the largest HTTPS DDoS attack in history

The largest HTTPS distributed denial-of-service (DDoS) attack in history materialized last week, Cloudflare has confirmed.

Cloudflare, which specializes in DDoS mitigation, announced that it successfully prevented the record-breaking onslaught before it could inflict any real damage.


As reported by Bleeping Computer, the company revealed that it recorded a 26 million requests per second distributed denial-of-service (DDoS) attack.

It should be stressed that this is an HTTPS-based DDoS attempt as opposed to the more traditional, standard DDoS attacks. In any case, the intended target was a Cloudflare client utilizing the service’s Free plan.

Bleeping Computer explains that the perpetrator probably relied on hijacked servers and virtual machines due to the fact that the attack stemmed from Cloud Service Providers.

Interestingly, whoever was behind the attack managed to concentrate all its firepower with a botnet of 5,067 devices, which is a relatively small number considering the scale of the assault. Every single device was capable of delivering around 5,200 requests per second (rps) at its peak.

“To contrast the size of this botnet, we’ve been tracking another much larger but less powerful botnet of over 730,000 devices,” said Cloudflare product manager Omer Yoachimik. “The latter, larger botnet wasn’t able to generate more than one million requests per second, i.e., roughly 1.3 requests per second on average per device. Putting it plainly, this botnet was, on average, 4,000 times stronger due to its use of virtual machines and servers.”

An HTTP DDoS attack that was recorded during August 2021 saw around 17.2 million requests per second being generated. More recently, a mitigated 15.3 million rps attack that occurred in April 2022 saw around 6,000 bots being used to target a Cloudflare client who was running a crypto launchpad.

“HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection,” Yoachimik added. “Therefore, it costs the attacker more to launch the attack, and for the victim to mitigate it. We’ve seen very large attacks in the past over (unencrypted) HTTP, but this attack stands out because of the resources it required at its scale.”

Specifically, the botnet that was put to work in the unprecedented 26 million rps DDoS attack managed to deliver more than 212 million HTTPS requests within a period of just 30 seconds. The requests stemmed from more than 1,500 networks located in 121 countries around the globe.

2022 in particular has seen hackers and threat actors intensify their DDoS attack efforts. Microsoft, for example, halted the largest DDoS attack ever recorded (3.47 terabits per second), while Cloudflare itself stated that this category of cybercrime is aggressively progressing.

Cyber criminal activity in general is on the rise across the board — ransomware gangs have found new ways to evolve their operations, zero-day hacks (described as “one of the most advanced attack methods”) are showing no signs of slowing down, and sensitive information is easily exposed and sold.

Microsoft has even launched an initiative in response to the growing threat of cybercrime by offering its in-house security services to businesses.
