Jump to content
albertynos

OVH hosting hit by 1Tbps DDoS attack, the largest one ever seen

Recommended Posts

The hosting company OVH was the victim of a 1 Tbps DDoS attack that hit its servers, this is the largest one ever seen on the Internet.

The hosting provider OVH faced 1Tbps DDoS attack last week, likely the largest offensive ever seen.

The OVH founder and CTO Octave Klaba reported the 1Tbps DDoS attack on Twitter sharing an image that lists the multiple sources of the attack.

Klaba explained that the servers of its company were hit by multiple attacks exceeding 100 Gbps simultaneously concurring at 1 Tbps DDoS attack. The severest single attack that was documented by OVH reached 93 MMps and 799 Gbps.

One of the attacks documented by the OVH reached 93 MMps and 799 Gbps.

According to Klaba, the attackers used an IoT botnet composed also of compromised CCTV cameras.

Unfortunately, this is not a novelty, in June 2016 security experts from Sucuri firm have discovered a large botnet of compromised CCTV devices used by crooks to launch DDoS attacks in the wild.

 

1-Tbps-DDoS-attack.jpg?w=639

 

 

Earlier this week, the website of the popular cyber security expert Brian Krebs was targeted by a DDoS attack of 665 Gbps. Experts speculate the attackers hit Krebs in response to his blog post in which he exposed a the operators behind the vDOS DDoS service.

IoT devices, including CCTV, often lack proper configuration, it is easy for hackers to locate on the Internet systems with weak or default login credentials.

Recently security experts reported several Linux malware targeting IoT devices such as Luabot and Bashlite.

Earlier September, experts from Level 3 and Flashpoint confirmed the overall number of devices infected by the BASHLITE malware is more than 1 million.

The number includes compromised devices belonging to several botnets, according to the experts, almost every infected device are digital video recorders (DVRs) or cameras (95%), the remaining is composed of routers (4%), and Linux servers (1%).

“Of the identifiable devices participating in these botnets, almost 96 percent were IoT devices (of which 95 percent were cameras and DVRs), roughly 4 percent were home routers and less than 1 percent were compromised Linux servers. This represents a drastic shift in the composition of botnets compared to the compromised server- and home router-based DDoS botnets we’ve seen in the past.” states a blog post published by Level 3 firm.

The researchers have been tracking more than 200 C&C worldwide used by the BASHLITE botnets. Fortunately, the IP addresses of the C&C servers were found hardcoded in the instance of malware detected in the wild making easy for experts to shut them down.

Back to the case of the 1Tbps DDoS attack against the OVH firms, at the time I was writing the servers were back online.

 

Source : http://securityaffairs.co/wordpress/51640/cyber-crime/tbps-ddos-attack.html

Edited by albertynos
  • Upvote 2
Link to comment
Share on other sites

13 minutes ago, AGSQ said:

Largest atack pe pula mea .... a fost in 2012 un atac din China catre un ISP (al carui nume imi scapa) care ajunsese la cateva sute de Tbps.

 

Au fost vreo 200gbps man. Atacurile de +500gbps au inceput decand cu dns/ntp amplification. Si vezi ca e tcp ack, deci nu e low profile attack. Deci cine a trimis, e profesionist :)

  • Upvote 1
Link to comment
Share on other sites

Actually, chiar e o joaca, oricine cu 200-500$ poate avea acces la asa ceva. Cumperi fisierele codate cum trebuie pentru selfreping si fiecare IoT prins scaneaza si infecteaza singur alte dispozitive. Asa se ajunge la atacuri de sute de gbs de cand cu renumitul "qbot".
Cam asa arata unul din sutele de variante de fisiere executate pe IoT 
http://pastebin.com/raw/xQWdg4Uq

Edited by Taaz
  • Upvote 2
Link to comment
Share on other sites

The number includes compromised devices belonging to several botnets, according to the experts, almost every infected device are digital video recorders (DVRs) or cameras (95%), the remaining is composed of routers (4%), and Linux servers (1%).

 

deci eu vb de Masinutze ... nu de Acest Pro "cur" ca solcanu :))  digital video recorders (DVRs) or cameras (95%) hai ma ... sunt tone de default ptr asa ceva ... intro ora iei cateva sute si rezolvi cazul ... WTF ? chiar asa de PRO e this PRO CUR :)) eu nu cred ... chiar nu cred ... din amintiri din copilarie .. stiu ca am facut o incercare ... cu Mainul  .tk si i-am aplicat una de 2 zile .. sau rupt in masele ...am  folosit un sg serv de .jp :)  aveam de asemeni boala pe apropo.ro .. si chatul lor de kkt .. iar .. au plans cu vb .. same server .jp .... DECI sa fi PRO .. nu ai fi dat in ei :)) Un PRO nu face chestiuni de genul asta :)) Just opinia mea de Tranta ;)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...