Google Blocks 46 Million Requests-Per-Second DDoS Attack

In June 2022, an unnamed Google Cloud Armor client was targeted by an HTTPS-based DDoS attack that reached a staggering 46 million requests per second (RPS). This is currently the largest DDoS attack of its kind ever recorded.

Previously, the record for such attacks was set earlier in the summer by Cloudflare, which reported an incident peaking at 26 million RPS. That attack was carried out by the relatively small but highly dangerous Mantis botnet, consisting of just 5,000 devices.

How the Attack Unfolded

According to Google experts, the attack began on the morning of June 1, initially targeting the HTTP/S load balancer of a client. At first, the attack measured only 10,000 RPS. Within eight minutes, it ramped up to 100,000 RPS, triggering Google Cloud Armor Protection. Just two minutes later, the attack peaked at 46 million requests per second. In total, the DDoS assault lasted for 69 minutes.

To put the scale in perspective, Google engineers noted that this attack was equivalent to receiving all daily Wikipedia requests in just 10 seconds.

“We believe the attacker likely decided they did not achieve the desired effect, while incurring significant costs to carry out the attack,” the company’s report states.

Who Was Behind the Attack?

Researchers believe the attack was orchestrated by the Mēris botnet, which has been linked to other high-profile incidents. For example, in the fall of the previous year, Mēris targeted Yandex, setting a then-record DDoS attack of 21.8 million RPS.

Google reports that the attack traffic originated from just 5,256 IP addresses spread across 132 countries. The use of HTTPS indicates that the devices sending requests had significant computing power. Another notable aspect was the use of Tor exit nodes: 22% (1,169) of the sources sent requests via the Tor network, but these accounted for only about 3% of the total attack traffic.

Source

Onion Market — a free P2P exchange on Telegram. We offer XMR, BTC, and USDT.TRC20.