Someone seems hell-bent on denying the service of a specific company in Eastern Europe, and is carrying out some huge Distributed Denial of Service (DDoS) attacks to do so.
After executing (and failing) the largest-ever DDoS attack ever seen in July 2022, the same group has returned with an even bigger assault, Akamai has reported.
The company reports that the attack was against an unnamed entity in Eastern Europe and was 7% stronger than the July 2022 incident, suggesting that the threat actor took the time to bolster the forces of its botnet and come back stronger.
Targeting multiple data centers
The attack, which peaked at 704.8 Mpps, is just one of many attacks the company suffered in the meantime, with Akamai saying it was being “bombarded relentlessly”. In July, it suffered 75 attacks, and in August, 201 cumulative attacks. Traffic was coming in from 1813 IPs, compared to 512 in the earlier attacks.
“The attackers’ command and control system had no delay in activating the multidestination attack, which escalated in 60 seconds from 100 to 1,813 IPs active per minute,” Akamai says.
The threat actor also went for a bigger target, as along with hitting the company’s primary data center, it also targeted six data center locations in both Europe and North America.
“An attack this heavily distributed could drown an underprepared security team in alerts, making it difficult to assess the severity and scope of the intrusion, let alone fight the attack,” the company added.
Due to security measures being in place, 99.8% of the malicious traffic was successfully blocked.
Akamai did not say who the perpetrators might have been, but it did say that whoever it was, it operates a “highly sophisticated global botnet” of compromised endpoints (opens in new tab).
Via: BleepingComputer (opens in new tab)