Security News > 2024 > July > OVHcloud blames record-breaking DDoS attack on MikroTik botnet
Analyzing some of those attacks revealed the extensive use of core network devices, particularly Mikrotik models, making the attacks more impactful and challenging to detect and stop.
Record-breaking DDoS. Earlier this year, OVHcloud had to mitigate a massive packet rate attack that reached 840 Mpps, surpassing the previous record holder, an 809 Mpps DDoS attack targeting a European bank, which Akamai mitigated in June 2020.
"In April 2024, we even mitigated a record-breaking DDoS attack reaching ~840 Mpps, just above the previous record reported by Akamai."
OVHcloud says many of the high packet rate attacks it recorded, including the record-breaking attack from April, originate from compromised MirkoTik Cloud Core Router devices designed for high-performance networking.
OVHcloud calculated that hijacking 1% of the exposed models into a botnet could give attackers enough firepower to launch attacks, reaching 2.28 billion packets per second.
Malware botnet bricked 600,000 routers in mysterious 2023 attack.
News URL
Related news
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices (source)
- Mirai botnet behind the largest DDoS attack to date (source)
- New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks (source)
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- MikroTik botnet uses misconfigured SPF DNS records to spread malware (source)
- 13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks (source)
- Cloudflare mitigated a record-breaking 5.6 Tbps DDoS attack (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- DDoS attacks reportedly behind DayZ and Arma network outages (source)