Security News > 2022 > March > Imperva Thwarts 2.5 Million RPS Ransom DDoS Extortion Attacks

Cybersecurity company Imperva on Friday said it recently mitigated a ransom distributed denial-of-service attack targeting an unnamed website that peaked at 2.5 million requests per second.

"While ransom DDoS attacks are not new, they appear to be evolving and becoming more interesting with time and with each new phase," Nelli Klepfish, security analyst at Imperva, said.

Distributed denial-of-service attacks are a subcategory of denial-of-service attacks in which an army of connected online devices, known as a botnet, is used to overwhelm a target website with fake traffic in an attempt to render it unavailable to legitimate users.

The 2.5 million RPS attack is said to have lasted less than a minute, with one of the sister sites operated by the same company sustaining a similar attack that lasted approximately 10 minutes, even as the tactics employed were constantly changed to avert possible mitigation.

Evidence gathered by Imperva points to the DDoS attacks originating from the M?ris botnet, which has continued to leverage a now-addressed security vulnerability in Mikrotik routers to strike targets, including Yandex.

The ransom DDoS attack is also the second botnet-related activity averted by Imperva since the start of the year, what with the company detailing a web scraping attack that targeted an unidentified job listing platform in late January.

News URL

https://thehackernews.com/2022/03/imperva-thwarts-25-million-rps-ransom.html