Internet services provider
Cloudflare has announced that it has successfully protected one of its clients from one of the most powerful DDoS (Distributed-Denial-of-Service) attacks in history. According to the services provider, an undisclosed cryptocurrency platform was targeted by a botnet comprising around 6,000 "zombie" computers distributed throughout 112 different countries. The botnet ultimately generated a collective 15.3 million requests per second. While that's still shy of the largest recorded metric - set at 17.2 million requests per second - the fact that the DDoS attack occurred through HTTPS likely pushed its complexity above the record-setting attack, due to the higher computational workload of secure HTTP. The attack lasted 15 seconds.
DDoS attacks aim to flood a network with requests and data packets in a bid to overload and paralyze it. The attack also showcases the ingenuity of bad actors, as the originated from cloud-based ISPs, as attackers leverage more complex and capable networking hardware than what's usually offered by last-mile ISPs. According to Cloudflare, the botnet seems to have mostly compromised systems with Java-based applications that were still open to the recently-discovered
CVE-2022-21449 vulnerability.