Cloudflare said it thwarted the largest ever volumetric DDoS attack, which it witnessed on Thursday.
The attack, which was launched from a Mirai botnet, took place last month and targeted an unidentified customer in the financial industry.
“Within seconds, the botnet bombarded the Cloudflare edge with over 330 million attack requests,” the company noted, at one point reaching a record high of 17.2 million requests-per-second (rps), making it three times bigger than previously reported HTTP DDoS attacks.
A volumetric DDoS attack is a type of attack that uses reflective amplification techniques and tries to overwhelm a specific network’s bandwidth. The attacks is usually launched from a network of compromised computers, IoT devices, and servers. With the help of these devices, threat actors can direct their harmful traffic towards the targets to cause as much disruption as possible.
The Thursday’s attack was carried out by over 20,000 bots located in 125 countries. Most traffic originated from Indonesia, Brazil, Russia, India, and Ukraine.
The 17.2 million of HTTP requests processed by Cloudflare accounted for 68% of the company’s average rps rate which is 25 million.
Similar attacks have been detected before. According to Cloudflare, the same Mirai botnet was used in an attack that targeted a web hosting provider and reached nearly 8 million rps.
Cloudflare also said another Mirai-variant botnet was also observed in distributed denial of service attacks against a gaming company and a major Asia-Pacific internet service provider.
“While the majority of attacks are small and short, we continue to see these types of volumetric attacks emerging more often,” Cloudflare said. “It’s important to note that these volumetric short burst attacks can be especially dangerous for legacy DDoS protection systems or organizations without active, always-on cloud-based protection.”