21 September 2022

Record DDoS attack with 25.3 billion requests used HTTP/2 multiplexing


Record DDoS attack with 25.3 billion requests used HTTP/2 multiplexing

Cybersecurity company Imperva said it stopped a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests on June 27, 2022.

The attack targeted an unnamed Chinese telecommunications company and lasted over four hours, which is notable, as only 10.5% of attacks last between one and six hours, and most last under fifteen minutes.

“Attackers used HTTP/2 multiplexing, or combining multiple packets into one, to send multiple requests at once over individual connections. This technique can bring servers down using a limited number of resources, and such attacks are extremely difficult to detect. Since our automated mitigation solution is guaranteed to block DDoS in under three seconds, we estimate that the attack could have reached a much greater rate than our tracked peak of 3.9 million RPS,” the company explained.

The DDoS attack came from a massive botnet that comprised nearly 170,000 IP addresses including routers, security cameras and compromised servers located in over 180 countries, with most of them based in the US, Indonesia, and Brazil.

The news comes after Akamai revealed that it mitigated a record-breaking distributed denial-of-service (DDoS) attacks on September 12 aimed at one of its customers in Eastern Europe. The attacks reached unprecedented levels when the “garbage” traffic sent to the target network peaked at 704.8 Mpps, nearly 7% higher than the previous record-setting DDoS attack recorded in July 2022 (659.6 Mpps).

Back to the list

Latest Posts

Cyber security week in review: September 23, 2022

Cyber security week in review: September 23, 2022

The world in brief: Cryptomarket maker Wintermute robbed of $160M in a hack, old Python bug potentially affects 350,000 open-source projects, and more.
23 September 2022
Unpatched 15-year-old Python vulnerability puts at risk over 350,000 open-source projects

Unpatched 15-year-old Python vulnerability puts at risk over 350,000 open-source projects

The vulnerable Python tarfile module is found extensively in frameworks created by Netflix, AWS, Intel, Facebook, Google and other software.
22 September 2022
Malicious actors continue to abuse Google Tag Manager tool to install e-skimmers

Malicious actors continue to abuse Google Tag Manager tool to install e-skimmers

The researchers said they discovered three variants of malicious scripts hidden within GTM containers that function either as e-skimmers or as downloaders for installing e-skimmers.
21 September 2022