Cloudflare says it blocked a new record powerful DDoS attack
Hackers are once again breaking records with some massive distributed denial-of-service attacks (DDoS (opens in a new tab)), with DDoS mitigation company Cloudflare claiming that it recently blocked an attack that, at its peak, exceeded 71 million requests per second (rps).
That makes the attack the largest-ever reported HTTP DDoS incident, surpassing the previous attack (46 million rpm attack from June 2022) by more than a third. (35%).
This particular issue is based on HTTP/2 and has deployed over 30,000 IP addresses, Cloudflare adds. It was part of a larger campaign, which included “dozens” of hyper-volume incidents, most of which peaked around 50-70 million rpm.
More and more dangerous
Anonymous attackers have targeted a variety of companies, from popular game providers to cryptocurrency companies, hosting providers, and cloud computing platforms. Furthermore, endpoints belonging to “multiple cloud service providers” were also used in these attacks.
According to Cloudflare, the size, complexity, and frequency of DDoS attacks have increased over the past months, which is worrisome. The number of HTTP DDoS attacks increased by nearly four-fifths (79%) over the same period last year, while the number of large attacks exceeding 100 Gbps increased by more than two-thirds (67%) quarter-on-quarter. During the same time period, the number of attacks lasting more than three hours also increased by 87%.
The researchers also say that attackers are getting bolder. They said ransomware attacks have steadily increased throughout the year, peaking in November 2022. At that time, one in four businesses reported being attacked or DDoS threats for ransom.
In a ransom DDoS attack, the threater launches a powerful distributed denial-of-service attack and demands payment in cryptocurrency to stop the attack. DDoS attacks are also sometimes used as a follow-up attack after a ransomware infection, to disrupt both the front-end and back-end of a company.