A crypto platform has been hit by one of the most powerful DDoS attacks ever.
DDoS attacks on Crypto Platform
The onslaught was delivered through HTTPS, which puts more strain on a target, and it suggests that attackers are getting more powerful.
A cryptocurrency platform was recently the target of one of the largest distributed denial-of-service (DDoS) attacks ever recorded, according to Cloudflare, a content delivery network. Threat actors attacked the platform with 15.3 million requests.
What is a DDoS attack?
DDoS attacks can be quantified in a variety of ways, including the amount of data transferred, the number of packets sent per second, and the number of requests sent per second. The records are 3.4 terabits per second for volumetric DDoS attacks, which seek to devour all bandwidth available to the target, 809 million packets per second, and 17.2 million requests per second. The last two records measure the power of application-layer assaults, which aim to exhaust the computing resources of a target’s infrastructure.
The recent DDoS attack mitigated by Cloudflare reached a peak of 15.3 million requests per second. The assault may have been more potent than the record because it was transmitted via HTTPS requests rather than the HTTP requests used in the record. Because HTTPS requests are significantly more compute-intensive, this new attack had the potential to put a much greater burden on the target.
The amount of resources needed to deliver the HTTPS request flood was also higher, demonstrating that DDoSers are becoming more powerful. According to Cloudflare, the botnet responsible for the attack, which consists of over 6,000 bots, has sent payloads as high as 10 million requests per second. The attack was launched from 112 countries, with Indonesia providing around 15% of the firepower, followed by Russia, Brazil, India, Colombia, and the United States.
“The DDoS attack originated from over 1,300 separate networks within those nations,” Cloudflare researchers Omer Yoachimik and Julien Desgats stated. As DDoSers migrate away from residential network ISPs to cloud computing ISPs, they asserted the flow of traffic was primarily coming from data centers. Hetzner Online (Autonomous System Number 24940), Azteca Comunicaciones Colombia (ASN 262186), and OVH in France (ASN 16276) were among the top data center networks engaged. Routers in homes and small offices were also used as sources.
“In this DDoS attack case, the attacker was exploiting compromised cloud hosting providers’ servers, some of which appeared to be running Java-based apps. This is noteworthy because a vulnerability (CVE-2022-21449) was recently discovered that can be leveraged to overcome authentication in a wide range of Java-based apps,” Patrick Donahue, Cloudflare’s VP of product, stated in an email. “A large number of MikroTik routers were also exploited in the attack, most likely leveraging the same vulnerability as the Meris botnet.”
The assault lasted approximately 15 seconds. Cloudflare mitigated the problem by deploying systems throughout its network of data centers that identify traffic spikes and promptly filter out the sources. Cloudflare didn’t reveal who the target was, only that it ran a crypto launchpad, which is a platform that helps people fund their cryptocurrency projects.
The figures highlight the arms race between attackers and defenders, with one trying to outdo the other. It’s not out of the question that a new record will be set in the following months.