World's largest DDoS attack blocked, Cloudflare claims

(Image credit: Shutterstock) (Image credit: Shutterstock)

Cloudflare says it blocked a 5.6Tbps DDoS attack in October 2024
The attack came from a Mirai botnet
It included 13,000 IPs, and lasted 80 seconds

Cloudflare has claimed it recently blocked the largest Distributed Denial of Service (DDoS) attack ever recorded.

In a blog post, the company said that in late October 2024, its defense mechanisms blocked a 5.6Tbps UDP (User Datagram Protocol) DDoS attack. To put things into perspective, the (now) second-largest DDoS attack ever was 3.8Tbps, also blocked by Cloudflare, also in October 2024.

The company said the attack was launched by a Mirai-variant botnet, and targeted an Internet Service Provider (ISP) from Eastern Asia.

Shorter but more violent

The attack lasted just over a minute (80 seconds), and involved more than 13,000 Internet-of-things (IoT) devices, it was said.

As attackers change their strategies to better adapt to an evolving DDoS threat landscape, the attacks have generally been getting shorter in duration but more intense and frequent.

Despite its destructive potential, the attack did no damage, Cloudflare said, since both detection and mitigation were fully autonomous.

“It required no human intervention, didn’t trigger any alerts, and didn’t cause any performance degradation,” Cloudflare said. “The systems worked as intended.”

The researchers also stressed that while the total number of unique source IP addresses was around 13,000, the average unique source IP addresses per second was 5,500. Each of the 13,000 IP addresses contributed less than 8 Gbps per second, while the average contribution of each IP address per second was around 1 Gbps (~0.012% of 5.6 Tbps).

Mirai is one of the most infamous botnets out there. Its source code leaked in 2017, after which different threat actors started building their own variants. Today, Mirai and its variants often make headlines, targeting different organizations with large-scale DDoS attacks. Just this week, security researchers observed two variants, ‘gayfemboy’, and ‘Murdoc Botnet’.

Standing strong against hyper-volumetric DDoS attacks
Here's a list of the best antivirus tools on offer
These are the best endpoint protection tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.