Mirai Botnet Hits Wynncraft Minecraft Server With 2.5 Tbps DDoS Attack
Web infrastructure and security firm Cloudflare revealed this week that it stopped a 2.5 Tbps distributed denial-of-service (DDoS) attack launched by a Mirai botnet.
Calling it a “multi-vector attack consisting of UDP and TCP floods”, researcher Omer Yoachimik said the DDoS attack targeted Minecraft server Wynncraft in Q3 2022.
“The entire attack at 2.5 Tbps lasted about 2 minutes, and the peak attack at 26 million rps [was] only 15 seconds,” Yoachimik noted. “This is the biggest attack we’ve ever seen from a throughput standpoint.”
Cloudflare also pointed to an increase in multi-terabit DDoS attacks as well as longer lasting volumetric attacks over the period, not to mention an increase in attacks targeting Taiwan and Japan.
The disclosure comes nearly 10 months after Microsoft said it foiled a record 3.47 Tbps DDoS attack in November 2021 directed against an anonymous Azure customer in Asia.
Other DDoS attacks of this scale and volume include a 2.5 Tbps DDoS attack absorbed by Google in September 2017 and a 2.3 Tbps volumetric strike targeting Amazon Web Services in February 2020.
Additionally, ransomware DDoS attacks — in which the threat actor demands monetary compensation to stop the attack — saw a 15% increase quarter-over-quarter and 67% year-over-year. on the other.
Application-layer DDoS attacks (or HTTP DDoS attacks), on the other hand, have targeted businesses in the United States, China, and Cyprus, with most attacks coming from China, India, and the United States. -United.
Ukraine, which has been hit hard by DDoS attacks since the start of the Russo-Ukrainian war, saw its marketing, education and government sectors the most targeted in the third quarter, unlike attacks on media companies over the previous two quarters.
Similarly, network layer DDoS attacks (or Layer 3 DDoS attacks) have been mostly recorded against the gaming, telecommunications and IT services sectors located in Singapore, the United States and China.
A notable trend highlighted by Cloudflare is a 1,221% QoQ increase in DDoS attacks that leverage the BitTorrent communications protocol, which is traditionally used for peer-to-peer (P2P) file sharing.
“Over the years, it has become easier, cheaper, and more accessible for attackers and attackers for hire to launch DDoS attacks,” Yoachimik said.
The disclosure also comes as application performance management firm Netscout revealed that threat actors are increasingly experimenting with different DDoS attack vectors such as carpet bombing and DNS water torture attacks. .