Sep 03, 2025Ravie LakshmananThreat Intelligence / Network Security
Cloudflare on Tuesday said it automatically mitigated a record-setting volumetric distributed denial-of-service (DDoS) attack that peaked at 11.5 terabits per second (Tbps).
"Over the past few weeks, we've autonomously blocked hundreds of hyper-volumetric DDoS attacks, with the largest reaching peaks of 5.1 Bpps and 11.5 Tbps," the web infrastructure and security company said in a post on X. "The 11.5 Tbps attack was a UDP flood that mainly came from Google Cloud."
The entire attack lasted only about 35 seconds, with the company stating its "defenses have been working overtime."
Volumetric DDoS attacks are designed to overwhelm a target with a tsunami of traffic, causing the server to slow down or even fail. These attacks typically result in network congestion, packet loss, and service disruptions.
Such attacks are often conducted by sending the requests from botnets that are already under the control of the threat actors after having infected the devices, be it computers, IoT devices, and other machines, with malware.
"The initial impact of a volumetric attack is to create congestion that degrades the performance of network connections to the internet, servers, and protocols, potentially causing outages," Akamai says in an explanatory note.
"However, attackers may also use volumetric attacks as a cover for more sophisticated exploits, which we refer to as 'smoke screen' attacks. As security teams work diligently to mitigate the volumetric attack, attackers may launch additional attacks (multi-vector) that allow them to surreptitiously penetrate network defenses to steal data, transfer funds, access high-value accounts, or cause further exploitation."
The development comes a little over two months after Cloudflare said it blocked in mid-May 2025 a DDoS attack that hit a peak of 7.3 Tbps targeting an unnamed hosting provider.
In July 2025, the company also said hyper-volumetric DDoS attacks – L3/4 DDoS attacks exceeding 1 billion packets per second (Bpps) or 1 Tbps – skyrocketed in the second quarter of 2025, scaling a new high of 6,500 in comparison to 700 hyper-volumetric DDoS attacks in Q1 2025.
from The Hacker News https://ift.tt/4B85dA1
via IFTTT
No comments:
Post a Comment