Cloudflare: Blockchain Platform Targeted by One of Most Powerful DDoS Attacks in History

Raevenlord · Apr 30, 2022

Internet services provider Cloudflare has announced that it has successfully protected one of its clients from one of the most powerful DDoS (Distributed-Denial-of-Service) attacks in history. According to the services provider, an undisclosed cryptocurrency platform was targeted by a botnet comprising around 6,000 "zombie" computers distributed throughout 112 different countries. The botnet ultimately generated a collective 15.3 million requests per second. While that's still shy of the largest recorded metric - set at 17.2 million requests per second - the fact that the DDoS attack occurred through HTTPS likely pushed its complexity above the record-setting attack, due to the higher computational workload of secure HTTP. The attack lasted 15 seconds.

DDoS attacks aim to flood a network with requests and data packets in a bid to overload and paralyze it. The attack also showcases the ingenuity of bad actors, as the originated from cloud-based ISPs, as attackers leverage more complex and capable networking hardware than what's usually offered by last-mile ISPs. According to Cloudflare, the botnet seems to have mostly compromised systems with Java-based applications that were still open to the recently-discovered CVE-2022-21449 vulnerability.

View at TechPowerUp Main Site | Source

eidairaman1 · Apr 30, 2022

No wonder simplyaweeb.to was down for a moment.

R-T-B · Apr 30, 2022

eidairaman1 said:
No wonder simplyaweeb.to was down for a moment.

Yes, totally related. /s

zlobby · Apr 30, 2022

Is it just me or this sounds more like an ad than an article?

X71200 · Apr 30, 2022

It does sound like it's boasting Cloudflare for preventing a DDoS attack, but the attack is seemingly of a very large size so there's that...

ThrashZone · Apr 30, 2022

Hi,
Could of let it go it's only a undisclosed crypo group most gamers would cheer :laugh:

eidairaman1 · Apr 30, 2022

R-T-B said:
Yes, totally related. /s

They use cloudflare

bonehead123 · May 1, 2022

Perhaps this was some sort of a "proof of concept" type of attack, just to demonstrate the attacker's abilities.......

Now they will probably sit back for a while, analyze the results, and then, after everyone thinks enough time has passed that the threat is gone, BOOOOM, they will come roaring back with a vengeance and do some REAL damage to some major systems somewhere...

Mussels · May 1, 2022

My internet was utter ass yesterday, i blame this

R-T-B · May 1, 2022

eidairaman1 said:
They use cloudflare

Ah. I guess it could actually be related then...

Jism · May 1, 2022

zlobby said:
Is it just me or this sounds more like an ad than an article?

Nah.

With HTTPS request, a handshake is performed, which cost some resources at a server in general. When you send 15 million requests per second, you do understand that no VPS is able to even furfill these tasks without chrashing.

Basicly; cloudflare works as a man in the middle, sorting good vs bad traffic. I use it too for over 90 websites. Not because of the DDOS, but more for the CDN feature.

Lets say i have a english website aimed at both Dutch and US traffic. In Google US my website woud'nt rank well because it will favour US based servers or sites. When i use a CDN basicly a copy of my website is running now in the US in a datacenter on various locations, provided by Cloudflare. The visitor and google now get a "local" website up there without having to rent or hire a special server in the US for that case.

You can also offload quite alot with Cloudflare, if your server is getting quite busy. It filters the nasty traffic out for you.

mechtech · May 1, 2022

Cloudflair.

SirB · May 1, 2022

Wish you better luck next time DDos guys. Nice work.

R-T-B · May 2, 2022

SirB said:
Wish you better luck next time DDos guys. Nice work.

Next time isn't necessarily going to be blockchain, so be careful what you wish for...

Solaris17 · May 2, 2022

Jism said:
Nah.

With HTTPS request, a handshake is performed, which cost some resources at a server in general. When you send 15 million requests per second, you do understand that no VPS is able to even furfill these tasks without chrashing.

Basicly; cloudflare works as a man in the middle, sorting good vs bad traffic. I use it too for over 90 websites. Not because of the DDOS, but more for the CDN feature.

Lets say i have a english website aimed at both Dutch and US traffic. In Google US my website woud'nt rank well because it will favour US based servers or sites. When i use a CDN basicly a copy of my website is running now in the US in a datacenter on various locations, provided by Cloudflare. The visitor and google now get a "local" website up there without having to rent or hire a special server in the US for that case.

You can also offload quite alot with Cloudflare, if your server is getting quite busy. It filters the nasty traffic out for you.

It's a monumental feat that much traffic could even be pushed in a DDoS; its no doubt the landscape is changing, but I think people are overlooking simple tcp/ip. DDoS on the most plain level is literally having a pipe big enough to eat it first and foremost. All the packet inspection or filtering does nothing if you are ingesting more traffic then your ingress can handle.

The fact that CF took this to the face is the real testiment. That said you can always take it stright from the horses mouth instead of second or third hand.

Cloudflare blocks 15M rps HTTPS DDoS attack

Earlier this month, Cloudflare’s systems automatically detected and mitigated a 15.3 million request-per-second (rps) DDoS attack — one of the largest HTTPS DDoS attacks on record

blog.cloudflare.com

I encourage anyone to check out the actual engineering blogs, CF is one of the most transparent by far and their post-mortems are top top notch everyone should take note. I would also take a look at the meta (facebook) and twich engineering pages. If your in the space really crazy shit and they generally are not shy about making public how their stuff works or even contributing to open source.

Shit iv setup entire ultra precise NTP ecosystems based off of their stack using chrony and an NTP appliance.

Building a more accurate time service at Facebook scale

UPDATE: To continue our support of this public NTP service, we have open-sourced our collection of NTP libraries on GitHub. Almost all of the billions of devices connected to the internet have onbo…

engineering.fb.com

super neat stuff. lots of people here would rather play valorant or some shit, but some of the engineering that makes the world function is absolutely wild. in breadth and scope.

TheUn4seen · May 2, 2022

zlobby said:
Is it just me or this sounds more like an ad than an article?

Cloudflare did something genuinely impressive so they boast about it to anyone who will listen, in this way it's an ad - at least it's an honest one and I mean it in the most positive way possible. Mitigating an attack on this scale with minimal collateral damage speaks a lot about their infrastructure.

ThrashZone said:
Hi,
Could of let it go it's only a undisclosed crypo group most gamers would cheer

Gamers are modern day Luddites? Fitting, to be honest.

R-T-B · May 2, 2022

ThrashZone said:
Hi,
Could of let it go it's only a undisclosed crypo group most gamers would cheer

Yeah that would make cloudflare look really swell to their customer base, which is often those needing protection from internet mobs...

System Name	The Ryzening
Processor	AMD Ryzen 9 5900X
Motherboard	MSI X570 MAG TOMAHAWK
Cooling	Lian Li Galahad 360mm AIO
Memory	32 GB G.Skill Trident Z F4-3733 (4x 8 GB)
Video Card(s)	Gigabyte RTX 3070 Ti
Storage	Boot: Transcend MTE220S 2TB, Kintson A2000 1TB, Seagate Firewolf Pro 14 TB
Display(s)	Acer Nitro VG270UP (1440p 144 Hz IPS)
Case	Lian Li O11DX Dynamic White
Audio Device(s)	iFi Audio Zen DAC
Power Supply	Seasonic Focus+ 750 W
Mouse	Cooler Master Masterkeys Lite L
Keyboard	Cooler Master Masterkeys Lite L
Software	Windows 10 x64

System Name	PCGOD
Processor	AMD FX 8350@ 5.0GHz
Motherboard	Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling	Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory	16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s)	AMD Radeon 290 Sapphire Vapor-X
Storage	Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s)	NEC Multisync LCD 1700V (Display Port Adapter)
Case	AeroCool Xpredator Evil Blue Edition
Audio Device(s)	Creative Labs Sound Blaster ZxR
Power Supply	Seasonic 1250 XM2 Series (XP3)
Mouse	Roccat Kone XTD
Keyboard	Roccat Ryos MK Pro
Software	Windows 7 Pro 64

System Name	Pioneer
Processor	Ryzen R9 7950X
Motherboard	GIGABYTE Aorus Elite X670 AX
Cooling	Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory	64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s)	XFX RX 7900 XTX Speedster Merc 310
Storage	2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s)	55" LG 55" B9 OLED 4K Display
Case	Thermaltake Core X31
Audio Device(s)	TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply	FSP Hydro Ti Pro 850W
Mouse	Logitech G305 Lightspeed Wireless
Keyboard	WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software	Gentoo Linux x64 / Windows 11

Processor	3900X 4.425
Motherboard	X570 Tomahawk
Cooling	Galahad 360 push-pull
Memory	2x16gb Crucial Ballistix MAX 4400
Video Card(s)	Asus Dual 3060 Ti OC
Storage	Optane 280gb PCI-E
Display(s)	PG348Q
Case	Core X71
Audio Device(s)	ATOLL DAC 100SE, Sony DN1070 - Dali Ikon 1 MK2, Presonus Studio 192, Line 6 POD HD rack, Audix VX10
Power Supply	AX1500i
Mouse	Pulsar Xlite wireless white
Keyboard	Leopold FC980C 30g white
Software	Win 10 Pro

System Name	Ghetto Rigs z490\|x99\|Acer 17 Nitro 7840hs/ 5600c40-2x16/ 4060/ 1tb acer stock m.2/ 4tb sn850x
Processor	10900k w/Optimus Foundation \| 5930k w/Black Noctua D15
Motherboard	z490 Maximus XII Apex \| x99 Sabertooth
Cooling	oCool D5 res-combo/280 GTX/ Optimus Foundation/ gpu water block \| Blk D15
Memory	Trident-Z Royal 4000c16 2x16gb \| Trident-Z 3200c14 4x8gb
Video Card(s)	Titan Xp-water \| evga 980ti gaming-w/ air
Storage	970evo+500gb & sn850x 4tb \| 860 pro 256gb \| Acer m.2 1tb/ sn850x 4tb\| Many2.5" sata's ssd 3.5hdd's
Display(s)	1-AOC G2460PG 24"G-Sync 144Hz/ 2nd 1-ASUS VG248QE 24"/ 3rd LG 43" series
Case	D450 \| Cherry Entertainment center on Test bench
Audio Device(s)	Built in Realtek x2 with 2-Insignia 2.0 sound bars & 1-LG sound bar
Power Supply	EVGA 1000P2 with APC AX1500 \| 850P2 with CyberPower-GX1325U
Mouse	Redragon 901 Perdition x3
Keyboard	G710+x3
Software	Win-7 pro x3 and win-10 & 11pro x3
Benchmark Scores	Are in the benchmark section

Cloudflare: Blockchain Platform Targeted by One of Most Powerful DDoS Attacks in History

Raevenlord

News Editor

eidairaman1

The Exiled Airman

R-T-B

zlobby

X71200

ThrashZone

eidairaman1

The Exiled Airman

bonehead123

Mussels

Freshwater Moderator

R-T-B

Jism

mechtech

SirB

R-T-B

Solaris17

Super Dainty Moderator

Cloudflare blocks 15M rps HTTPS DDoS attack

Building a more accurate time service at Facebook scale

TheUn4seen

R-T-B

System Name	The Little One
Processor	i5-11320H @4.4GHZ
Motherboard	AZW SEI
Cooling	Fan w/heat pipes + side & rear vents
Memory	64GB Crucial DDR4-3200 (2x 32GB)
Video Card(s)	Iris XE
Storage	WD Black SN850X 4TB m.2, Seagate 2TB SSD + SN850 4TB x2 in an external enclosure
Display(s)	2x Samsung 43" & 2x 32"
Case	Practically identical to a mac mini, just purrtier in slate blue, & with 3x usb ports on the front !
Audio Device(s)	Yamaha ATS-1060 Bluetooth Soundbar & Subwoofer
Power Supply	65w brick
Mouse	Logitech MX Master 2
Keyboard	Logitech G613 mechanical wireless
Software	Windows 10 pro 64 bit, with all the unnecessary background shitzu turned OFF !
Benchmark Scores	PDQ

System Name	Rainbow Sparkles (Power efficient, <350W gaming load)
Processor	Ryzen R7 5800x3D (Undervolted, 4.45GHz all core)
Motherboard	Asus x570-F (BIOS Modded)
Cooling	Alphacool Apex UV - Alphacool Eisblock XPX Aurora + EK Quantum ARGB 3090 w/ active backplate
Memory	2x32GB DDR4 3600 Corsair Vengeance RGB @3866 C18-22-22-22-42 TRFC704 (1.4V Hynix MJR - SoC 1.15V)
Video Card(s)	Galax RTX 3090 SG 24GB: Underclocked to 1700Mhz 0.750v (375W down to 250W))
Storage	2TB WD SN850 NVME + 1TB Sasmsung 970 Pro NVME + 1TB Intel 6000P NVME USB 3.2
Display(s)	Phillips 32 32M1N5800A (4k144), LG 32" (4K60) \| Gigabyte G32QC (2k165) \| Phillips 328m6fjrmb (2K144)
Case	Fractal Design R6
Audio Device(s)	Logitech G560 \| Corsair Void pro RGB \|Blue Yeti mic
Power Supply	Fractal Ion+ 2 860W (Platinum) (This thing is God-tier. Silent and TINY)
Mouse	Logitech G Pro wireless + Steelseries Prisma XL
Keyboard	Razer Huntsman TE ( Sexy white keycaps)
VR HMD	Oculus Rift S + Quest 2
Software	Windows 11 pro x64 (Yes, it's genuinely a good OS) OpenRGB - ditch the branded bloatware!
Benchmark Scores	Nyooom.

Processor	Ryzen 5700x
Motherboard	Gigabyte X570S Aero G R1.1 BiosF5g
Cooling	Noctua NH-C12P SE14 w/ NF-A15 HS-PWM Fan 1500rpm
Memory	Micron DDR4-3200 2x32GB D.S. D.R. (CT2K32G4DFD832A)
Video Card(s)	AMD RX 6800 - Asus Tuf
Storage	Kingston KC3000 1TB & 2TB & 4TB Corsair LPX
Display(s)	LG 27UL550-W (27" 4k)
Case	Be Quiet Pure Base 600 (no window)
Audio Device(s)	Realtek ALC1220-VB
Power Supply	SuperFlower Leadex V Gold Pro 850W ATX Ver2.52
Mouse	Mionix Naos Pro
Keyboard	Corsair Strafe with browns
Software	W10 22H2 Pro x64

System Name	Rocinante
Processor	I9 14900KS
Motherboard	MSI MPG Z790I Edge WiFi Gaming
Cooling	be quiet! Pure Loop 240mm
Memory	64GB Gskill Trident Z5 DDR5 6000 @6400
Video Card(s)	MSI SUPRIM Liquid X 4090
Storage	1x 500GB 980 Pro \| 1x 1TB 980 Pro \| 1x 8TB Corsair MP400
Display(s)	Odyssey OLED G9 (G95SC)
Case	LANCOOL 205M MESH Snow
Audio Device(s)	Moondrop S8's on schitt Modi+ & Valhalla 2
Power Supply	ASUS ROG Loki SFX-L 1000W
Mouse	Lamzu Atlantis mini (White)
Keyboard	Monsgeek M3 Lavender, Akko Crystal Blues
VR HMD	Quest 3
Software	Windows 11
Benchmark Scores	I dont have time for that.

Processor	9600k
Motherboard	MSI Z390I Gaming EDGE AC
Cooling	Scythe Mugen 5
Memory	32GB of G.Skill Ripjaws V 3600MHz CL16
Video Card(s)	MSI 3080 Ventus OC
Storage	2x Intel 660p 1TB
Display(s)	Acer CG437KP
Case	Streacom BC1 mini
Audio Device(s)	Topping MX3
Power Supply	Corsair RM750
Mouse	R.A.T. DWS
Keyboard	HAVIT KB487L / AKKO 3098 / Logitech G19
VR HMD	HTC Vive
Benchmark Scores	What's a "benchmark"?