Web protection company Cloudflare over the weekend mitigated a record-setting distributed denial-of-service (DDoS) attack that peaked at 71 million requests per second (RPS).
The assault, the company says, was the largest HTTP DDoS attack on record, but was not the only one observed this past weekend.
In fact, Cloudflare identified and mitigated dozens of DDoS attacks at the end of last week, most of which peaked between 50-70 million RPS.
The wave of assaults was far higher than previously recorded HTTP DDoS attacks. The largest was 35% higher than a 46 million RPS DDoS attack seen by Google in June 2022.
“The attacks were HTTP/2-based and targeted websites protected by Cloudflare. They originated from over 30,000 IP addresses,” Cloudflare says.
HTTP DDoS attacks consist of large amounts of HTTP requests directed at the targeted website. If the number of requests is high enough, the server is no longer able to process them, and the website becomes unresponsive.
Originating from multiple cloud providers, the DDoS attacks targeted the websites of cryptocurrency firms, cloud computing platforms, a gaming provider, and hosting providers.
According to Cloudflare, the attacks do not appear to be related to the Killnet DDoS campaign that targeted healthcare providers two weeks ago, nor to the US Super Bowl gaming event that took place this weekend.
The company notes that the frequency, size, and sophistication of DDoS attacks has been constantly increasing over the past years. The number of HTTP DDoS attacks observed in 2022 almost doubled compared to 2021.
Last week, the Tor Project revealed that the Tor network had been under constant DDoS pressure for seven months, with some of the attacks preventing users from accessing websites.
Related:Pro-Russian Group DDoS-ing Governments, Critical Infrastructure in Ukraine, NATO Countries
Related:Zerobot IoT Botnet Adds More Exploits, DDoS Capabilities
Related: US Charges Six in Operation Targeting 48 DDoS-for-Hire Websites
SecurityWeek RSS Feed
