3 min Security

Google claims it blocked the largest DDoS attack ever

Google claims it blocked the largest DDoS attack ever

Google claims to have blocked the largest DDoS attack ever. During the attack, the number of HTTPS requests peaked at 46 million per second. The Meris botnet was likely behind the attack.

According to Google, this was the largest Layer 7 DDoS attack ever. The attack was aimed at disrupting the Internet services of one of Google Cloud’s customers.

The attack of as many as 46 million requests per second was carried out based on HTTPS requests. This is comparable to all daily access requests to Wikipedia in just 10 seconds. It made the attack up to a factor of 76 more powerful than another similar HTTPS attack discovered by Cloudflare around the same time, June this year. This attack occurred at 26 million requests per second

Attack sequence

Initially, the Google Cloud Armor anti-DDoS service observed an attack of around 10,000 requests per second. This then escalated to 100,000 requests within 8 minutes.

The Cloud Armor service immediately took action, generated an alert and began blocking the malicious web traffic. In the following two minutes, the malicious traffic continued to escalate, peaking at 46 million requests per second.

The anti-DDos services managed to repel the attack, which failed to disrupt the customer’s Internet services. After a few minutes, the malicious traffic then decreased in size. A little over an hour later, the attack was over. It is likely that the attackers realized that they were not getting the impact they wanted, according to Google Cloud.

Cloud Armour allows a basic model of normal Internet traffic to be mapped to customer websites. The service can also regulate traffic to these sites, allowing customers to cut off malicious traffic while allowing legitimate traffic to occur undisturbed.

Meris botnet likely responsible

From further investigation, the public cloud giant finds that the attack was probably carried out by the Meris botnet. This botnet consists of infected modems and routers of MikroTik. The botnet is notorious for several major DDoS attacks. For example last year on the Russian search engine Yandex.

According to various security experts, DDoS attacks have been on the increase recently. According to Kaspersky researchers, this type of attack reached an all-time high in the first quarter of this year. The percentage of attacks was as much as 46 percent higher than in the last quarter of 2021.

Also read: Cloudflare fends off largest HTTPS DDoS attack of all time