Cloudflare, a company that specialises in web security has confirmed that they have successfully stopped what they believe to be one of the largest distributed denial-of-service or DDoS attacks on record, which targeted an unnamed cryptocurrency company. The attack was detected and mitigated automatically by Cloudflare’s defense systems, which were set up for one of its customers on a paid plan. At its peak, the attack reached a massive 15.3 million requests-per-second (rps) which, according to Cloudflare, makes it the largest HTTPS DDoS attack ever mitigated by the company.
The attack reportedly lasted less than 15 seconds and targeted a crypto launchpad, which Cloudflare analysts in a blog post said are “used to surface Decentralised Finance (DeFi) projects to potential investors.”
The blog post adds that the botnet used by the attacker comprised of about 6,000 unique bots that originated from more than 1,300 different networks in 112 countries around the world, with about 15 percent of the traffic coming from Indonesia. Other countries generating the most traffic included Russia, Brazil, India, Colombia and the US.
Cloudflare researchers didn’t name the botnet but said it was one that they’ve been watching and had seen attacks as large as 10 million rps that matched the same fingerprint.
As described by Cloudflare, a distributed denial-of-service (DDoS) attack is essentially an attempt to “maliciously disrupt the normal traffic of a targeted server, service or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.”
“DDoS attacks achieve effectiveness by utilising multiple compromised computer systems as sources of attack traffic. Exploited machines can include computers and other networked resources such as IoT devices,” adds Cloudflare.