Sep 21 2022

Imperva blocked a record DDoS attack with 25.3 billion requests

Category: DDoS DISC @ 8:23 am

Cybersecurity company Imperva announced that it has mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests.

Cybersecurity firm Imperva mitigated a DDoS attack with over 25.3 billion requests on June 27, 2022. According to the experts, the attack marks a new record for Imperva’s application DDoS mitigation solution.

The attack targeted an unnamed Chinese telecommunications company and stands out for its duration: it lasted more than four hours and peaked at 3.9 million RPS.

“On June 27, 2022, Imperva mitigated a single attack with over 25.3 billion requests, setting a new record for Imperva’s application DDoS mitigation solution” reads the announcement. “While attacks with over one million requests per second (RPS) aren’t new, we’ve previously only seen them last for several seconds to a few minutes. On June 27, Imperva successfully mitigated a strong attack that lasted more than four hours and peaked at 3.9 million RPS.”

The Chinese telecommunications company was already targeted by large attacks in the past, and experts added that two days later a new DDoS attack hit its website, although the attack was shorter in duration.

The average rate for this record-breaking attack was 1.8 million RPS. Threat actors used HTTP/2 multiplexing, or combining multiple packets into one, to send multiple requests at once over individual connections.

The technique employed by the attackers is difficult to detect and can bring down targets using a limited number of resources.
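Why multiplexed floods slip past connection-based limits, as an added example (not Imperva's detection logic or code from the announcement): the sketch compares counting connections per client with counting HTTP/2 streams per client in a sliding window. The log tuple layout, thresholds and sample IPs are assumptions made for illustration.

```python
from collections import defaultdict, deque

def peak_rates(events, window=1.0):
    """Return {ip: (peak_requests_in_window, distinct_connections)}.

    events: (timestamp_seconds, client_ip, conn_id, stream_id) tuples sorted
    by timestamp; every HTTP/2 stream counts as one request.
    """
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    peak = defaultdict(int)       # ip -> highest request count seen in a window
    conns = defaultdict(set)      # ip -> connection ids seen
    for ts, ip, conn_id, _stream in events:
        q = recent[ip]
        q.append(ts)
        while q and ts - q[0] >= window:
            q.popleft()           # drop requests older than the window
        peak[ip] = max(peak[ip], len(q))
        conns[ip].add(conn_id)
    return {ip: (peak[ip], len(conns[ip])) for ip in peak}

def flag(events, max_rps=100, max_conns=4):
    """Return (clients over the connection limit, clients over the request limit)."""
    stats = peak_rates(events)
    by_conns = {ip for ip, (_, c) in stats.items() if c > max_conns}
    by_requests = {ip for ip, (r, _) in stats.items() if r > max_rps}
    return by_conns, by_requests

def sample_events():
    """Constructed sample using documentation-range IPs, not attack data."""
    events = []
    # 198.51.100.7: only 2 connections, but 200 multiplexed streams on each,
    # all sent inside 0.8 s (client-initiated stream ids are odd).
    for conn in (1, 2):
        for i in range(200):
            events.append((i * 0.004, "198.51.100.7", conn, 2 * i + 1))
    # 203.0.113.9: 6 short connections with one request each, one per second.
    for conn in range(6):
        events.append((float(conn), "203.0.113.9", 100 + conn, 1))
    return sorted(events)

if __name__ == "__main__":
    over_conns, over_requests = flag(sample_events())
    print("flagged by connection count:", over_conns)
    print("flagged by request rate:   ", over_requests)
```

The connection limit flags only the low-volume client, while the per-request window catches the client that sent 400 requests over two connections.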

“Since our automated mitigation solution is guaranteed to block DDoS in under three seconds, we estimate that the attack could have reached a much greater rate than our tracked peak of 3.9 million RPS.” continues Imperva.

This specific attack was launched by a botnet composed of almost 170,000 different IPs, including routers, security cameras and compromised servers. The compromised devices are located in over 180 countries, most of them in the US, Indonesia, and Brazil.

On Monday, September 12, 2022, Akamai mitigated the largest DDoS attack ever that hit one of its European customers. The malicious traffic peaked at 704.8 Mpps and appears to originate from the same threat actor behind the previous record that Akamai blocked in July and that hit the same customer.

AWS Best Practices for DDoS Resiliency (AWS Whitepaper)

Tags: DDoS Attack


Sep 16 2022

Akamai Mitigated Record-Breaking DDoS Attack Against European Customer

Category: DDoS DISC @ 10:36 am

On Monday, 12th September 2022, cybersecurity firm Akamai mitigated a distributed denial of service attack (DDoS Attack), which has been declared a record-breaking attack in terms of packets-per-second compared to the attack Akamai recorded in July.

In a DDoS attack, cybercriminals bombard servers with fake requests and traffic to prevent legitimate visitors from accessing their services.

The primary targets of the attack Akamai recorded recently were European companies. It peaked at 704.8 million packets per second, marking the second attack on such a massive scale against the same customer within a short span of three months.

According to Akamai’s Craig Sparling, prior to June 2022, this customer only saw attack traffic against its primary data center. However, unexpectedly, the attack campaign expanded, hitting six different global locations, from Europe to North America.

Akamai Prolexic’s DDoS specialization culture, focus on customer infrastructure designs, and history are rooted in defending the most complex, multifaceted attacks, and our platform is equipped with purpose-built tooling for rapid threat mitigation, even in the ‘fog of war.’

Sean Lyons, Senior Vice President and General Manager of Infrastructure Security

The attack was thwarted on the same day it was identified. Though not the largest DDoS attack ever, this one raised eyebrows because it was the largest attack against European organizations. The attackers used UDP as their DDoS vector, along with ICMP, SYN, RESET floods, TCP anomaly, PUSH flood, etc.

Attackers managed to target more than 1,800 IP addresses of a single organization, and the attack was dispersed at six different locations. Akamai noted that this attack originated from the same threat actor that targeted it previously, while the target is also the same unnamed customer based in Eastern Europe.

Previously, the attacker targeted the company’s primary data center; this time, they could target 6 data center locations in North America and Europe.

Akamai Mitigated a Massive DDoS Attack Against its European Customer

As shown above, Akamai recorded a humongous 659.6 MPPS DDoS attack back in July. The latest attack was 7% higher than the one in July. The company received 74 DDoS attacks before July, and around 200 attacks afterward. The company stated that this campaign indicates attackers continuously improve their attack techniques to evade detection.

Distributed Denial of Service Attacks: Real-world Detection and Mitigation

Tags: DDoS Attack, Distributed Denial of Service Attacks