Sat Oct 05 2024

The largest DDoS attack ever recorded has been blocked.

Cloudflare reports that it successfully neutralized a 3.8 Tbps DDoS attack.

Cloudflare has announced that it recently succeeded in mitigating the largest Distributed Denial of Service (DDoS) attack in history. In a blog post, the company detailed that during September 2024, an unidentified threat actor targeted multiple clients from the financial services, internet, and telecommunications sectors, among others.

Although Cloudflare did not disclose the names of the specific targets, it indicated that the attack campaign focused on saturating bandwidth and exhausting the resources of online applications and devices. The campaign involved over a hundred high-volume DDoS attacks at layers 3 and 4 (L3/L4), many of which exceeded 2 billion packets per second (Bpps) and 3 terabits per second (Tbps).

Hyper-volumetric L3/L4 DDoS attacks are designed to collapse the target’s network infrastructure or bandwidth through enormous volumes of traffic. They typically employ techniques such as UDP floods or TCP SYN floods, aiming to exhaust the resources of the attacked system and make it inaccessible to legitimate users.

One of the most notable attacks peaked at 3.8 Tbps, which, according to Cloudflare, represents "the largest attack ever publicly disclosed by any organization." This attack predominantly used UDP on a fixed port and originated from multiple locations around the world, with Vietnam, Russia, Brazil, Spain, and the United States being the primary countries of origin for the IP addresses involved.

The detection and mitigation of the attacks were carried out automatically, thanks to Cloudflare's global server infrastructure, which allows incoming botnet traffic to be distributed across its network. Generally, DDoS attacks are conducted using botnets: massive networks of compromised devices such as routers and smart home devices. In this case, traffic was logged from MikroTik devices, DVRs, and web servers, as well as from compromised ASUS home routers, which were likely exploited through a newly discovered critical vulnerability.

Prior to this incident, the most powerful recorded DDoS attack had reached 3.47 Tbps and was mitigated by Microsoft in November 2021.