Cloudflare registered one of the largest HTTPS DDoS-attacks targeting the crypto service
Cloudflare, a company that helps maintain the security, privacy, and speed of online services, has mitigated one of the largest HTTPS DDoS attacks registered to date. The company said 15.3 million requests per second occurred during the attack.
A massive attack is different from a regular attack on bandwidth, where attackers try to deplete and block the victim’s internet bandwidth. During the massive attack, the attackers focused on sending a huge number of unwanted HTTP requests to the server to fully utilize its CPU and RAM – and ordinary users could not get to the site.
The 15-second attack was launched from a botnet of approximately 6,000 individual bots from 122 countries. Almost 15% of traffic came from Indonesia. Next on the list were Russia, Brazil, India, Colombia and the United States.
Cloudflare said that while it wasn’t the biggest application-level attack, it was the biggest they’ve seen via HTTPS.
“HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection.
Therefore it costs the attacker more to launch the attack, and for the victim to mitigate it. We’ve seen very large attacks in the past over (unencrypted) HTTP, but this attack stands out because of the resources it required at its scale,” commented Cloudflare.
The attack was aimed at the “crypto launch pad”, which, according to the company, was used to show decentralized finance projects to potential investors.
Cloudflare has previously announced the stopping of the largest DDoS attack among those they dealt with in August 2021. At that time, there were 17.2 million HTTP requests per second. The report states that the current attack came from a botnet that the company had already tracked through previous attacks.
“What’s interesting is that the attack mostly came from data centers. We’re seeing a big move from residential network Internet Service Providers (ISPs) to cloud compute ISPs,” explains Cloudflare.
It is known that the attack came from 1300 different networks. Among the most popular were the German provider Hetzner Online GmbH, Azteca Comunicaciones from Colombia, French OVH and others.