Imperva mitigate 25.3 billion request DDoS attack on customer

Share post:

Imperva broke a new record when the company’s mitigation solution was able to defend one of its customers against a single attack that sent more than 25.3 billion requests.

While attacks with peaks of more than one million requests per second (RPS) last between several seconds and a few minutes, the Imperva mitigated attack lasted over four hours. The DDoS attack developed on June 27, 2022, peaking at 3.9 million requests per second (RPS) and averaging 1.8 million RPS.

Imperva’s mitigated DDoS attack was launched from a massive botnet spanning 180 countries, with most IP addresses located in the U.S., Brazil, and Indonesia. The botnet used 170,000 hijacked devices, including modem routers, smart surveillance cameras, vulnerable servers, and poorly protected IoTs.

According to Imperva, some of the servers from which the malicious traffic originated are hosted on public clouds and cloud security providers, indicating widespread abuse.

Research shows that the yet to be identified botnet is not a “Mantis,” the botnet behind Cloudflare’s DDoS mitigation record in the summer.

Since Mantis relies on a smaller number of devices, the number of devices used against Imperva’s client is closer to the Mēris estimates. Mēris is responsible for the previous DDoS record of 21.8 million RPS, and researchers estimate that the Mēris swarm includes between 30,000 and 250,000 devices.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

Hackers Plant False Memories in ChatGPT to Steal User Data

A security researcher has uncovered a vulnerability in ChatGPT that could allow hackers to store false information and...

“Octo2” Trojan Targets Bank Accounts by Posing as VPN or Chrome Apps on Android

A new malware variant called “Octo2” is spreading across Android devices by posing as popular apps like NordVPN...

Evilginx – Open source tool can bypass Multi-Factor Authentication (MFA)

Security vendor Abnormal Security is reporting a new cybersecurity tool that is gaining traction among cybercriminals. The tool,...

Kaspersky’s exit from US market frightens some customers

Kaspersky, the Russian cybersecurity firm, has unexpectedly removed its antivirus software from U.S. customers' computers, replacing it with...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways