2 min Security

Cloudflare blocks biggest DDoS attack ever

Cloudflare blocks biggest DDoS attack ever

Cloudflare recently managed to repel the largest DDoS attack ever. The global attack via compromised network equipment lasted a month and peaked at a whopping 3.8 Terabits per second (Tbps) of transmitted data.

Cloudflare automatically repelled the largest DDoS attack ever in the month of September this year. This was a DDoS attack that targeted the L3/L4 network layers of affected companies.

For a month, these specific network layers were bombarded with more than 100 so-called “hyper-volumetric” DDoS attacks to flood the network infrastructure of targets with garbage data.

In a volumetric DDoS attack, the target is bombarded with data until the bandwidth becomes saturated or the processing capabilities of network devices or applications are exhausted. This results in legitimate users being denied access to the networks or devices/applications.

Peak of 3.8 Tbps

These recent attacks often saw peaks of more than 2 billion packets (2 Bpps) and 3 Terabits (Tbps) per second, according to Cloudflare. The highest peak in this attack and ever recorded even reached 3.8 Tbps.

Targets of the attacks included companies in the financial services, telecom and Internet service industries.

Read more: Cloudflare moves to block free AI bots

Source of attack

The source of the attacks was worldwide, but mainly came from countries such as Russia, Vietnam, the United States, Brazil and Spain. The hackers who launched the attack used compromised network devices, including Mikrotik systems, DVRs, and web servers.

Especially compromised Asus routers were a favorite tool in this attack. This is because these routers were vulnerable to being exploited by the critical CVE-2024-3080 vulnerability discovered earlier this year.

Furthermore, this large-scale attack exploited the User Datagram Protocol (UDP) on a fixed port. This protocol allows for fast data transfer but does not require a formal connection to be set up, Cloudflare points out.

Also read: DDoS attacks are becoming more complex and frequent