Security News > 2022 > August > Google blocks largest HTTPS DDoS attack 'reported to date'

A Google Cloud Armor customer was hit with a distributed denial-of-service attack over the HTTPS protocol that reached 46 million requests per second, making it the largest ever recorded of its kind.

In just two minutes, the attack escalated from 100,000 RPS to a record-breaking 46 million RPS, almost 80% more than the previous record, an HTTPS DDoS of 26 million RPS that Cloudflare mitigated in June.

The attack started on the morning of June 1, at 09:45 Pacific Time, and targeted the victim's HTTP/S Load Balancer initially with just 10,000 RPS. In eight minutes, the attack intensified to 100,000 RPS and Google's Cloud Armor Protection kicked in by generating an alert and signatures based on certain data pulled from traffic analysis.

The malware behind the attack has yet to be determined but the geographic distribution of the services used points to a M?ris, a botnet responsible for DDoS attacks peaking at 17.2 million RPS and 21.8 million RPS, both record-breaking at their time.

Google researchers say that the attack traffic came from just 5,256 IP addresses spread in 132 countries and leveraged encrypted requests, indicating that the devices sending the requests have rather strong computing resources.

Last November, Microsoft's Azure DDoS protection platform mitigated a massive 3.47 terabits per second attack with a packet rate of 340 million packets per second for a custmer in Asia.

News URL

https://www.bleepingcomputer.com/news/security/google-blocks-largest-https-ddos-attack-reported-to-date/