Cloudflare has spotted an extraordinary distributed denial of service attack (DDoS), which reached a high of 26 million requests per second, according to a statement released by the tech giant on Tuesday.
The company’s distributed denial-of-service defenses were successful in stopping a record-breaking HTTPS DDoS attack that included the never-seen-before 26 million requests per second last week.
According to the findings of the online performance and security firm, the attack, which was aimed at an unknown client website, was carried out by a “powerful” botnet consisting of 5,067 nodes, each of which delivered about 5,200 RPS at peak.
There are allegations that 212 million HTTPS requests were produced in less than 30 seconds by over 1,500 networks spread over 121 countries, including India, Indonesia, the United States of America, Brazil, and Russia. As more information became available, it has been uncovered that Tor nodes were used in the attack at a percentage of around 3 percent.
According to Omer Yoachimik from Cloudflare, the attack originated primarily from Cloud Service Providers rather than Residential Internet Service Providers. This suggests that hijacked virtual machines and powerful servers were used in the attack rather than significantly less powerful Internet of Things (IoT) devices.
Researchers are noting that launching an HTTPS-based DDoS attack is a more expensive proposition because establishing a secure TLS encrypted connection requires more processing resources.
Over the course of the last several months, Cloudflare has successfully thwarted two significant HTTPS DDoS attacks. According to the company, a late April 2022 attack on the cryptocurrency launchpad of a client was successfully defended against.
In the company’s DDoS attack trends report for the first quarter of 2022, it was found that the amount of volumetric DDoS attacks that were more than 100 Gbps had increased by 645% over the previous quarter.
In order to generate a denial-of-service event, an attack with a high bit rate will block the connection to the internet, while an attack with a high packet rate will attempt to overload the servers, routers, or any other in-line hardware appliances. Dropping high packet rates has the impact of creating service interruptions and possibly service denials for end customers since the attacked equipment will be unable to manage them when the high packet rates are dropped.