Cloudflare has revealed that it stopped dead in its tracks one of the largest HTTPS DDoS attacks on record originating from multiple countries. The firm said that the botnet was making 15.3 million requests-per-second (rps), making it the largest HTTPS DDoS attack it has witnessed against one of its customers.
Cloudflare said that the target of the attack was a crypto launchpad company which aims to connect crypto projects with investors. The customer is on Cloudflare’s Professional plan and was defended by Cloudflare for the less than 15 seconds that the attack was going on. Other Cloudflare customers are automatically protected from this botnet too and no action needs to be taken.
The largest attack that Cloudflare has ever run into was reported last August when a botnet performed a 17.2 million rps DDoS attack but this was carried out with HTTP traffic rather than HTTPS traffic which was used in the latest attack. Cloudflare said the use of HTTPS makes the attack more expensive for the attacker and the victim attempting to mitigate it.
Cloudflare noted that this attack mostly came from data centres and that it’s noticing more attacks coming from cloud compute ISPs overall rather than residential network ISPs. This botnet involved 6,000 unique bots and originated from 112 countries around the world. The countries which hosted the most bots included Indonesia, Russia, Brazil, India, Colombia, and the United States. The attack came from over 1,300 networks with top ones including Hetzner Online GmbH, Azteca Comunicaciones Colombia, and OVH.