Qrator Labs, a cybersecurity company, has successfully defended against what appears to be the largest botnet-driven DDoS attack recorded this year, involving 5.76 million compromised devices targeting government infrastructure.
Security researchers first identified this particular botnet earlier in the year, when it had over 1 million infected devices; it grew to nearly six million compromised systems by early this month.
The attack unfolded in two distinct waves against the government target. The initial attack involved 2.8 million devices, followed an hour later by an even larger second wave using three million compromised systems.
Geographic analysis revealed the global scope of the threat, with infected devices concentrated in several key regions. Brazil accounted for the largest portion at 1.41 million compromised systems, and the United States added 647,000 infected machines to the botnet, among other countries.
This incident coincides with other record-breaking cyberattacks reported in recent months. Cloudflare documented a separate attack reaching 11.5 terabits per second, the largest volumetric DDoS flood ever recorded, though it lasted only 35 seconds. This incident saw a record number of compromised devices (5.76 million), while the Cloudflare attack broke records for data volume and bandwidth intensity. One demonstrates how many devices attackers can hijack, while the other shows how much traffic they can generate.
Both signal escalating DDoS threats that cybersecurity teams and providers must prepare for across different attack vectors and methodologies.
Cybersecurity experts warn that attacks of this magnitude pose severe risks beyond individual targets. When directed at unprotected infrastructure, botnets this size can generate tens of millions of requests per second, overwhelming servers almost instantaneously.
To read more about the attack and how Qrator Labs mitigated it, check out the full details on their official blog post.