1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • The largest ever DDoS attack has just been blocked - here's how i

    From TechnologyDaily@1337:1/100 to All on Fri Oct 4 13:15:05 2024
    The largest ever DDoS attack has just been blocked - here's how it was done

    Date:
    Fri, 04 Oct 2024 12:04:00 +0000

    Description:
    Cloudflare mitigated a 3.8Tbps DDoS attack against an unnamed company.

    FULL STORY ======================================================================

    Cloudflare has claimed to have recently mitigated the biggest Distributed Denial of Service ( DDoS ) attack in history.

    In a company blog post , Cloudflare outlined how, throughout September 2024, an unnamed threat actor targeted multiple customers in the financial
    services, internet, and telecommunication industries, among others.

    Without naming any specific targets, Cloudflare said that the attack campaign targeted bandwidth saturation, as well as resource exhaustion of in-line applications and devices. Bots across the world

    The attack included over one hundred hyper-volumetric L3/4 DDoS attacks, many of which exceeded 2 billion packets per second (Bpps), and 3 terabits per second (Tbps).

    A hyper-volumetric L3/4 DDoS attack is a type of DDoS attack targeting layers 3 (network) and 4 (transport) of the OSI model (framework that standardizes network communication). It overwhelms the targets bandwidth or network infrastructure with massive amounts of traffic, often using techniques like UDP floods or TCP SYN floods. The goal is to exhaust the resources of the target system, making it unavailable to legitimate users.

    Of all the attacks, one stood out - when it peaked at 3.8 Tbps. This is, according to Cloudflare, the largest ever disclosed publicly by any organization. It predominantly leveraged UDP on a fixed port, the company said, and originated from across the globe. The majority of the endpoints
    used in the attack came from Vietnam, Russia, Brazil, Spain, and the US.

    Detection and mitigation was all automatic, Cloudflare says. It added that
    the key reason why it was able to tackle it was because the company has servers across the world, which essentially water down incoming botnet traffic.

    Generally, DDoS attacks are done via botnets - vast networks of compromised endpoints such as routers, smart home devices, and similar. These attacks included traffic from MikroTik devices, DVRs, and web servers, as well as compromised ASUS home routers, which were likely exploited using a CVE 9.8 (Critical) vulnerability that was recently discovered by Censys.

    Before this one, the largest-ever observed DDoS attack was 3.47 Tbps strong, and was mitigated by Microsoft in November 2021 .

    Via PCMag More from TechRadar Pro This sneaky Linux malware went undetected for years, and is using all-new attack tactics Here's a list of the best firewall software around today These are the best endpoint security tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/the-largest-ever-ddos-attack-has-just-b een-blocked-heres-how-it-was-done


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)