Breach, Threat Management

Record-breaking DDoS attack attributed to Mantis botnet

Cloudflare has dubbed the botnet behind the record-breaking 26 million request per second HTTPS-based distributed denial-of-service attack it had thwarted last month as "Mantis," reflecting its Meris botnet origins, reports The Register. Mantis only leveraged a little more than 5,000 botnets for the largest HTTPS-based DDoS attack yet, according to a report written by Cloudflare Product Manager Omer Yoachimik. "That's an average of 5,200 HTTPS rps per bot. Generating 26M HTTP requests is hard enough to do without the extra overhead of establishing a secure connection, but Mantis did it over HTTPS," Yoachimik noted. Nearly 1,000 Cloudflare customers have been targeted by the Mantis botnet during the past few weeks, most of which were internet and telecommunications companies followed by news, media, and publishing firms, and gaming and finance entities. U.S.-based organizations were most targeted by the DDoS attacks, accounting for more than 20% of the targets, followed by Russian-based firms.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.