Cloudflare saves Crypto Platform from 15 Million RPS DDoS Attack

A few days ago, Cloudflare announced that it had saved a cryptocurrency platform from a record 15.3 million requests-per-second DDoS attack. The attack is the second-largest DDoS attack after Aug 2021 on the platform. Not only did Cloudflare deny the attackers a chance, but it also tracked down the sources of the attack.

Details of the Attack

According to Cloudflare, this was the largest attack it had seen over HTTPS. The attack lasted less than 15 seconds and targeted a Cloudflare customer on its Pro plan. The botnet used for the attack was already under observation and had been traced to other attacks of up to 10 million requests per second.

[Figure: Graph of the 15.3 million rps DDoS attack. Attack timeline with volumetric data.]

The attack came from data centers, indicating that it originated from cloud servers rather than from residential network ISPs, which are the usual source. It was launched from a network of bots, also called a botnet. These bots spread the attack over 120 countries, including Russia, Brazil, China, India, and the United States. The largest share of the attack came from Indonesia.

[Figure: Graph of the distribution of attack traffic by the top client countries.]

How was the attack mitigated?

The attack was automatically detected by the servers and mitigated without any human intervention. Cloudflare says that its servers sample traffic asynchronously and apply mitigations whenever required.

Each request is associated with a signature, and a counter is kept for that signature. With each additional matching request, the counter is increased, and it is watched until it reaches a certain threshold. Once that threshold is reached for a given signature, the system itself compiles a mitigation strategy and additional requests are blocked.
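The signature, counter and threshold loop described above can be sketched as follows. This is an added example, not Cloudflare's code: the signature fields, sampling rate, threshold, window length and the `Mitigator` class are all assumptions, and the traffic is constructed (the ASNs are from the documentation range).

```python
import hashlib
from collections import defaultdict, deque

# Assumed tuning values for illustration; not Cloudflare's real settings.
SAMPLE_EVERY = 10      # inspect 1 in 10 requests
THRESHOLD = 50         # sampled hits per window that trigger mitigation
WINDOW_SECONDS = 1.0   # sliding window over which hits are counted

def signature(req):
    """Fingerprint a request; the choice of fields is an assumption."""
    key = "|".join([req["method"], req["path"], req["user_agent"], str(req["asn"])])
    return hashlib.sha256(key.encode()).hexdigest()[:16]

class Mitigator:
    def __init__(self):
        self.hits = defaultdict(deque)  # signature -> times of sampled hits
        self.blocked = set()            # signatures with an active block rule
        self.seen = 0                   # requests that passed the block check

    def handle(self, req, now):
        """Return 'blocked' or 'allowed' for a request arriving at time `now`."""
        sig = signature(req)
        if sig in self.blocked:
            return "blocked"
        self.seen += 1
        if self.seen % SAMPLE_EVERY == 0:   # sampled path (inline here for brevity)
            self._count(sig, now)
        return "allowed"

    def _count(self, sig, now):
        window = self.hits[sig]
        window.append(now)
        while now - window[0] > WINDOW_SECONDS:   # drop hits outside the window
            window.popleft()
        if len(window) >= THRESHOLD:              # threshold reached: add block rule
            self.blocked.add(sig)

def simulate():
    """Constructed traffic: a 4000 req/s flood plus an occasional real user."""
    m = Mitigator()
    bot = {"method": "GET", "path": "/", "user_agent": "bot/1.0", "asn": 64500}
    user = {"method": "GET", "path": "/prices", "user_agent": "Mozilla/5.0", "asn": 64501}
    out = {"allowed": 0, "blocked": 0, "user_blocked": 0}
    for i in range(2000):
        now = i / 4000
        out[m.handle(bot, now)] += 1              # tally flood requests by verdict
        if i % 100 == 0 and m.handle(user, now) == "blocked":
            out["user_blocked"] += 1
    return out
```

In this run the flood signature is blocked after 495 requests get through, while the interleaved user traffic, which has a different signature, is never blocked.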

Another benefit of Cloudflare is that customers can customize the DDoS settings themselves, without any external intervention, which keeps the details private.

Sources Identified

The attack traffic was identified as originating from data centers. Hetzner Online GmbH in Germany (Autonomous System Number 24940) and OVH in France (ASN 16276) were identified as two of the largest sources of botnet deployment.

What are DDoS Attacks?

DDoS attacks, or Distributed Denial of Service attacks, are malicious attempts to overwhelm the servers of a platform with a high volume of requests. These requests are usually generated using botnets. As said earlier, a botnet is a network of bots that operate on certain pre-defined instructions. They are very similar to a hardware robot.

Oftentimes these botnets source traffic from individual bots that are very difficult to distinguish from a legitimate computer source.

About Cloudflare

Cloudflare is a content delivery and protection company that specializes in protection against DDoS attacks, among many other services. The company usually handles more than 32 million HTTP requests per second.
