The DDoS mitigation vendor said its customers were hit by a wave of massive attacks over the weekend designed to flood a website with HTTP requests.
In a blog post, Cloudflare explained that it was forced to mitigate dozens of “hypervolume” DDoS attacks launched from over 30,000 IP addresses.
“Most of the attacks peaked in the ballpark of 50-70 million requests per second (rps), with the largest exceeding 71 million rps. This is the largest HTTP DDoS attack on record. , more than 35% higher than the record of 46 million rps reported in June 2022.”
“Attacked websites included popular game providers, cryptocurrency companies, hosting providers and cloud computing platforms. We have been working with them to crack down on
This campaign follows the trend of recent DDoS attacks in that they are not only growing in scale, but originate from IP addresses within the cloud computing ecosystem.
According to CompTIA, volumetric attacks are actually the least common form of DDoS, far less common than application-layer or protocol attacks.
However, Cloudflare warns that HTTP DDoS attacks increased 79% year over year in Q4.
Additionally, the volume of volumetric attacks over 100 Gbps increased 67% quarter-on-quarter, and the number of attacks lasting three hours or longer increased 87% quarter-on-quarter.
“Attackers are also getting bolder. Our latest DDoS Threat Report confirms a steady increase in ransom DDoS attacks throughout the year. 1 in 1 reported being exposed to a ransom DDoS attack or threat.”
Contracted DDoS services make it relatively easy for attackers to launch attacks today. As Cloudflare puts it, “the more you pay, the larger and longer the attack.”
Editorial Credit Icon Image: photo_gonzo / Shutterstock.com
