- Cloudflare claims to have blocked a 5.6 Tbps DDoS attack in October 2024
- The attack came from a Mirai botnet
- It included 13,000 IPs and lasted 80 seconds
Cloudflare claimed to have recently blocked the largest distributed denial of service (DDoS) attack on record.
In a blog post, the company said that as of late October 2024, its defense mechanisms blocked a 5.6 Tbps User Datagram Protocol (UDP) DDoS attack. To put things in perspective, the (now) second largest DDoS attack ever was 3.8 Tbps, also blocked by Cloudflare, also in October 2024.
The company said the attack was launched by a Mirai botnet and targeted an East Asian Internet Service Provider (ISP).
Shorter but more violent
The attack lasted just over a minute (80 seconds) and involved more than 13,000 Internet of Things (IoT) devices, it was reported.
As attackers change their strategies to better adapt to the changing DDoS threat landscape, attacks are typically becoming shorter in duration, but more intense and more frequent.
Despite its destructive potential, the attack caused no damage, Cloudflare said, since detection and mitigation were entirely autonomous.
“This required no human intervention, triggered no alerts, and caused no performance degradation,” Cloudflare said. “The systems worked as expected.”
The researchers also pointed out that although the total number of unique source IP addresses was around 13,000, the average unique source IP addresses per second was 5,500. Each of the 13,000 IP addresses contributed less than 8 Gbps per second, while the average contribution of each IP address per second was approximately 1 Gbps (~0.012% of 5.6 Tbps).
Mirai is one of the most infamous botnets. Its source code was leaked in 2017, after which different malicious actors began creating their own variants. Today, Mirai and its variants often make headlines, targeting different organizations with large-scale DDoS attacks. Just this week, security researchers observed two variants, “gayfemboy” and “Murdoc Botnet.”
