DDoS attack prevalence, sophistication spikes

Distributed denial-of-service attacks have significantly increased in prevalence and sophistication during the second quarter of 2023, with DNS laundering attacks being the most common DDoS attack between April to June, according to CyberScoop. Cryptocurrency websites have been subjected to 600% more DDoS attacks during the second quarter while HTTP DDoS attacks have increased by 15% during the same period, most notable of which was an attack on Microsoft by suspected Russian hacktivist operation Anonymous Sudan, also known as Storm-1359, last month, a report from Cloudflare found. Researchers noted that Anonymous Sudan, Killnet, and an actor claiming to resurrect REvil have entered a partnership to compromise Russia's adversaries. "It appears as though the threat actors behind these attacks have deliberately engineered the attacks to try and overcome mitigation systems by adeptly imitating browser behavior very accurately, in some cases, by introducing a high degree of randomization on various properties such as user agents and JA3 fingerprints to name a few," wrote Cloudflare researchers Jorge Pacheco and Omer Yoachimik.