Huge DDoS Attack over HTTPS is Discovered and Stopped


Attackers used 6000 bots from 112 countries -- including insecure IoT devices

The security company Cloudflare has announced that it detected and mitigated a 15.3 million request-per-second (rps) denial of service attack, which the company called “one of the largest HTTPS attacks on record.” Although larger attacks have occurred on the open Internet, mounting a DDoS attack over HTTPS encrypted connections requires significantly more resources, which means that the scope of this attack is quite remarkable. According to Cloudflare, the botnet used for the attack consisted of 6000 unique bots from 1300 different networks in 112 countries.

In recent years, attackers have begun to employ IoT devices in their botnets, leading to a vast increase in the number of available devices. At the same time, the extortion market has become more lucrative. In a typical scenario, attackers will launch a DDoS attack, then force the network owner to pay a ransom to stop the attack. In this case, Cloudflare was able to thwart the attack using a signature-based approach to analyzing the traffic and stopping requests that appeared to be part of the attack.

For more information, see the blog post on the Cloudflare website.


Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>


		<div class=