Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device

Web infrastructure and security company Cloudflare on Tuesday said it detected and blocked a 5.6 Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported to date.

The UDP protocol-based attack took place on October 29, 2024, targeting one of its customers, an unnamed internet service provider (ISP) from Eastern Asia. The activity originated from a Mirai-variant botnet.

“The attack lasted only 80 seconds and originated from over 13,000 IoT devices,” Cloudflare’s Omer Yoachimik and Jorge Pacheco said in a report.

✔ Approved Seller From Our Partners

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount

That said, the average unique source IP address observed per second was 5,500, with the average contribution of each IP address per second around 1 Gbps.

The previous record for the largest volumetric DDoS assault was also reported by Cloudflare in October 2024, which peaked at 3.8 Tbps.

Cloudflare also revealed it blocked approximately 21.3 million DDoS attacks in 2024, a 53% increase from 2023, and that the amount of attacks exceeding 1 Tbps grew by 1,885% quarter-over-quarter. In the fourth quarter of 2024 alone, as many as 6.9 million DDoS attacks were mitigated.

Some of the other notable statistics observed during Q4 2024 are listed below –

• Known DDoS botnets accounted for 72.6% of all HTTP DDoS attacks
• The top three most common Layer 3/Layer 4 (network layer) attack vectors were SYN floods (38%), DNS flood attacks (16%), and UDP floods (14%)
• Memcached DDoS attacks, BitTorrent DDoS attacks, and ransom DDos attacks witnessed a 314%, 304%, and 78% QoQ increase, respectively
• About 72% of HTTP DDoS attacks and 91% of network layer DDoS attacks end in under ten minutes
• Indonesia, Hong Kong, Singapore, Ukraine, and Argentina were the largest sources of DDoS attacks
• China, the Philippines, Taiwan, Hong Kong, and Germany were the most attacked countries
• Telecommunications, internet, marketing, information technology, gambling were the most attacked sectors

The development comes as cybersecurity companies Qualys and Trend Micro revealed that offshoots of the notorious Mirai botnet malware are targeting Internet of Things (IoT) devices by exploiting known security flaws and weak credentials to use them as conduits for DDoS attacks.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.