Web infrastructure and security company Cloudflare on Tuesday said it detected and blocked a 5.6 Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported to date.
The UDP protocol-based attack took place on October 29, 2024, targeting one of its customers, an unnamed internet service provider (ISP) from Eastern Asia. The activity originated from a Mirai-variant botnet.
“The attack lasted only 80 seconds and originated from over 13,000 IoT devices,” Cloudflare’s Omer Yoachimik and Jorge Pacheco said in a report.
That said, the average unique source IP address observed per second was 5,500, with the average contribution of each IP address per second around 1 Gbps.
The previous record for the largest volumetric DDoS assault was also reported by Cloudflare in October 2024, which peaked at 3.8 Tbps.
Cloudflare also revealed it blocked approximately 21.3 million DDoS attacks in 2024, a 53% increase from 2023, and that the amount of attacks exceeding 1 Tbps grew by 1,885% quarter-over-quarter. In the fourth quarter of 2024 alone, as many as 6.9 million DDoS attacks were mitigated.
Some of the other notable statistics observed during Q4 2024 are listed below –
Known DDoS botnets accounted for 72.6% of all HTTP DDoS attacks
The top three most common Layer 3/Layer 4 (network layer) attack vectors were SYN floods (38%), DNS flood attacks (16%), and UDP floods (14%)
Memcached DDoS attacks, BitTorrent DDoS attacks, and ransom DDos attacks witnessed a 314%, 304%, and 78% QoQ increase, respectively
About 72% of HTTP DDoS attacks and 91% of network layer DDoS attacks end in under ten minutes
Indonesia, Hong Kong, Singapore, Ukraine, and Argentina were the largest sources of DDoS attacks
China, the Philippines, Taiwan, Hong Kong, and Germany were the most attacked countries
Telecommunications, internet, marketing, information technology, gambling were the most attacked sectors
The development comes as cybersecurity companies Qualys and Trend Micro revealed that offshoots of the notorious Mirai botnet malware are targeting Internet of Things (IoT) devices by exploiting known security flaws and weak credentials to use them as conduits for DDoS attacks.
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
“}]] The Hacker News
