Cloudflare, a company that specialises in web security, has confirmed that it successfully stopped what it believes to be one of the largest distributed denial-of-service (DDoS) attacks on record, which targeted an unnamed cryptocurrency company. The attack was detected and mitigated automatically by Cloudflare’s defense systems, which were set up for one of its customers on a paid plan. At its peak, the attack reached 15.3 million requests per second (rps), which, according to Cloudflare, makes it the largest HTTPS DDoS attack ever mitigated by the company.
The attack reportedly lasted less than 15 seconds and targeted a crypto launchpad. Cloudflare analysts said in a blog post that such launchpads are “used to surface Decentralised Finance (DeFi) projects to potential investors.”
The blog post adds that the botnet used by the attacker consisted of about 6,000 unique bots that originated from more than 1,300 different networks in 112 countries around the world, with about 15 percent of the traffic coming from Indonesia. Other countries generating the most traffic included Russia, Brazil, India, Colombia and the US.
Cloudflare researchers didn’t name the botnet but said it was one they had been watching, and that they had seen attacks as large as 10 million rps that matched the same fingerprint.
As described by Cloudflare, a distributed denial-of-service (DDoS) attack is essentially an attempt to “maliciously disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.”
“DDoS attacks achieve effectiveness by utilising multiple compromised computer systems as sources of attack traffic. Exploited machines can include computers and other networked resources such as IoT devices,” adds Cloudflare.
In an HTTPS attack, such as the one used this time to target the crypto platform, the botnet attempts to overwhelm the target’s server with a massive number of requests in order to consume its compute power and memory, with the same goal of making it nearly impossible for legitimate users to access the website.
“HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection,” the Cloudflare threat-hunters wrote. “Therefore, it costs the attacker more to launch the attack, and for the victim to mitigate it. We’ve seen very large attacks in the past over (unencrypted) HTTP, but this attack stands out because of the resources it required at its scale.”