Cloudflare Mitigates 2 Tbps DDoS Attack Launched by Mirai Botnet
Web security services provider Cloudflare says it mitigated a distributed denial-of-service (DDoS) attack that peaked at almost 2 terabytes per second (Tbps).
The multi-vector assault was launched by a botnet of approximately 15,000 machines infected with a variant of the original Mirai malware. The bots included Internet of Things (IoT) devices and GitLab instances, Cloudflare said in a new report.
GitLab instances ensnared into the botnet are affected by CVE-2021-22205, a critical (CVSS score of 10) vulnerability that was patched more than six months ago, but which continues to expose tens of thousands of systems.
The 2 Tbps DDoS attack only lasted one minute. The assault combined DNS amplification and UDP floods, company said.
Cloudflare notes that it observed an overall increase in the number of terabit-strong DDoS attacks over the last quarter, and that network-layer incidents were up 44% quarter-over-quarter.
The trends appear to continue into the fourth quarter of the year as well, with multiple terabit-strong attacks already hitting Cloudflare’s infrastructure.
In August, the web protection firm said it observed a Mirai-variant botnet launching multiple 1Tbps attacks, some peaking at 1.2 Tbps.
Last month, Microsoft said in August it mitigated a massive 2.4 Tbps assault originating from 70,000 sources worldwide. Last year, Amazon and Google said they mitigated 2.3 Tbps and 2.5 Tbps DDoS attacks, respectively.