Security News > 2021 > March > 800Gbps DDoS extortion attack hits gambling company

Internet security services company Akamai has already dealt with the largest known ransom DDoS attack, which was also more complex than previously seen incidents of the same type.

Bigger, more complex RDDoS. Akamai says that in February they dealt with "Three of the six biggest volumetric DDoS attacks" the company has ever recorded.

Two of these were the largest known ransom DDoS attacks and the most recent of them peaked at 800Gbps; it targeted a gambling company in Europe and was also the most complex Akamai saw since extortion DDoS started.

According to Akamai, the perpetrators used a new DDoS attack vector: a networking protocol known as the Datagram Congestion Control Protocol or protocol 33.

Leveraging DCCP for DDoS leads to a volumetric attack and can bypass the defenses set up for the TCP and UDP traffic flows that are more commonly seen during these incidents.

"The attackers were relentlessly looking for weaknesses in defenses to exploit, as well as trying different attack vector combinations. In one attack, the threat actors targeted nearly a dozen IPs and rotated through multiple DDoS attack vectors trying to increase the likelihood of disrupting the back-end environments" - Akamai.

News URL

https://www.bleepingcomputer.com/news/security/800gbps-ddos-extortion-attack-hits-gambling-company/