Jump to content
  • Cloudflare mitigated record DDoS attack against Minecraft server

    alf9872000

    • 320 views
    • 3 minutes
     Share


    • 320 views
    • 3 minutes

    Wynncraft, one of the largest Minecraft servers, was recently hit by a 2.5 Tbps distributed denial-of-service (DDoS) attack.

     

    It was a multi-vector attack that lasted for about two minutes and consisted of UDP and TCP floods packets attempting to overwhelm the server and keep out hundreds of thousands of players, DDoS mitigation company Cloudflare says.

     

    minecraft-diagram.png

    Two-minute attack against Minecraft server Wynncraft (Cloudflare)

     

    The researchers say this was the largest bitrate attack they ever recorded and handled.

     

    A DDoS attack this large occurred in 2017, in a campaign that lasted for six months from a nation-state actor, disclosed by Google in 2020.

     

    Cloudflare’s 2022 Q3 DDoS report notes that multi-terabit DDoS attacks are now more frequent.

     

    One of the largest DDoS attacks ever reported was in November 2021 and peaked at 3.47 terabits per second.

    DDoS attack trends

    In the third quarter of the year, Cloudflare mitigated more DDoS attacks compared to last year, with HTTP-based ones increasing by 111%. Layer 3 and 4 (L3/4) DDoS attacks also almost doubled year-over-year, their occurrence jumping by 97%.

     

    The most notable region targeted by HTTP DDoS attacks was Taiwan, which saw an increase of 200% compared to the last quarter, while Japan was targeted 105% more quarter-over-quarter.

     

    L3/4 DDoS attacks targeted mainly the gaming industry and their volume was inflated by a Mirai comeback that increased its activity by 405% compared to Q2 2022.

     

    Another worrying DDoS trend seen in Q3 2022 is the abuse of the BitTorrent protocol, normally used for file sharing. This practice rose by over 1,200% QoQ.

     

    network-layer-vectors.png

    Network-layer DDoS attack vector trends (Cloudflare)

     

    “A malicious actor can spoof the victim’s IP address as a seeder IP address within [BitTorrent] Trackers and DHT (Distributed Hash Tables) systems,” details Cloudflare.

     

    “Then clients would request the files from those IPs. Given a sufficient number of clients requesting the file, it can flood the victim with more traffic than it can handle.”

     

    The countries most targeted HTTP DDoS attacks were the United States, China, and Cyprus, while network-layer attacks targeted mainly Singapore, the U.S., and China.

     

    app-layer-countries.png
    Countries impacted the most by application-layer DDoS attacks (Cloudflare)

    Size and duration

    Cloudflare highlights a rise in the number of large-scaleDDoS attacks (over 100 Gbps) but underlines that these are still the outliers, accounting for only 0.1% of the total.

     

    net-layer-size.png

    Network-layer DDoS attack sizes in Q3 2022 (Cloudflare)

     

    The vast majority (97.3%) were attacks measuring under 500 Mbps, which Cloudflare characterizes as “cyber-vandalism”, attributing to the so-called “script-kiddies” that use readily available DDoS tools and direct attacks against small and poorly protected targets.

     

    The duration of most (94%) attacks is brief, measuring below 20 minutes. However, there was a small rise of 8.6% and 3.2% in lengthy episodes lasting above an hour and three hours, respectively.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...