Record DDoS attack with 25.3 billion abused requests HTTP/2 multiplexing

Cybersecurity firm Imperva revealed that it mitigated a Distributed Denial of Service (DDoS) attack with a total of over 25.3 billion requests on June 27, 2022.

The “heavy attack”, which targeted an unnamed Chinese telecommunications company, reportedly lasted four hours and peaked at 3.9 million requests per second (RPS).

“Attackers used HTTP/2 multiplexing, or combining multiple packets into one, to send multiple requests over individual connections at once,” Imperva said in a September 19 report.

The attack was launched from a botnet that included nearly 170,000 different IP addresses covering compromised routers, security cameras and servers located in more than 180 countries, mainly in the United States, Indonesia and the United States. Brazil.

cyber security

The disclosure also comes as web infrastructure provider Akamai said it launched a new DDoS attack targeting an Eastern Europe-based customer on September 12, with attack traffic reaching 704.8 million packets per second. (pps).

The same victim had previously been targeted on July 21, 2022, in a similar manner in which the attack volume increased to 853.7 gigabits per second (Gbps) and 659.6 million pps over a 14 hour period. hours.

Akamai’s Craig Sparling said the company had been “relentlessly bombarded with sophisticated distributed denial-of-service (DDoS) attacks,” indicating the offensives could be politically motivated in the face of Russia’s ongoing war on Israel. Ukraine.

The two disruptive attempts were UDP flooding attacks where the attacker targets and floods arbitrary ports on the target host with User Datagram Protocol (UDP) packets.

cyber security

UDP, being both connectionless and sessionless, makes it an ideal network protocol for handling VoIP traffic. But those same traits can also make him more susceptible to exploitation.

“Without an initial handshake to ensure a legitimate connection, UDP channels can be used to send a large volume of traffic to any host,” says NETSCOUT.

“No internal protection can limit the UDP flooding rate. Therefore, UDP flooding DoS attacks are exceptionally dangerous as they can be executed with a limited amount of resources.”

About Ferdinand Caldwell

Check Also

Lead and Account Matching and Routing Software Market Size to Reach 10% CAGR in 2031

Lead and Account Matching and Routing Software Market Lead and Account Matching and Routing Software …