A massive distributed denial-of-service (DDoS) attack reaching an unprecedented 5.6 Terabits per second struck an internet service provider in Eastern Asia, setting a new record for the largest such attack ever documented.
Security firm Cloudflare reported blocking the attack on October 29, 2024, which originated from a variant of the infamous Mirai botnet. The assault harnessed over 13,000 compromised Internet of Things (IoT) devices, though it lasted only 80 seconds before being neutralized.
The attack's scale dwarfed the previous record of 3.8 Tbps, also recorded by Cloudflare earlier in October 2024. Each compromised device contributed approximately 1 Gbps to the overall attack volume.
This incident highlights an alarming trend in DDoS attacks through 2024, with Cloudflare reporting a 53% year-over-year increase in total attacks blocked, reaching 21.3 million. The final quarter of 2024 alone saw 6.9 million attempted DDoS attacks.
The attack landscape analysis revealed that known DDoS botnets were responsible for 72.6% of HTTP-based attacks. SYN floods led network-layer attack methods at 38%, followed by DNS floods at 16% and UDP floods at 14%.
Geographically, Indonesia, Hong Kong, Singapore, Ukraine, and Argentina emerged as the primary sources of DDoS attacks. The telecommunications, internet, marketing, IT, and gambling sectors faced the highest number of attacks.
Security researchers from Qualys and Trend Micro have identified that Mirai botnet variants continue to target IoT devices by exploiting security vulnerabilities and weak password configurations, expanding their network of compromised devices for future attacks.
This record-breaking incident underscores the growing sophistication and scale of DDoS threats, particularly those leveraging IoT devices through evolving Mirai botnet variants.