Screenshot 2022 07 18 133037

Cloudflare named the botnet behind record-breaking DDoS attack

Cloudflare says that Mantis botnet is responsible for the 26 million requests per second.HTTPS DDoS attack, the largest on record.

Cloudflare claims the largest distributed denial-of-service (DDoS) attack was the work of a botnet the company dubbed ‘Mantis.’ The name alludes to a Mantis shrimp, a small yet powerful crustacean.

“Similarly, the Mantis botnet operates a small fleet of approximately 5,000 bots, but with them can generate a massive force — responsible for the largest HTTP DDoS attacks we have ever observed,” Cloudflare says.

According to the company, a few thousand bots generating 26 million HTTPS requests per second (rps) is an astounding capability given the relatively small size of the botnet. Moreover, the attack was carried over HTTPS.

“HTTPS DDoS attacks are more expensive in terms of required computational resources because of the higher cost of establishing a secure TLS encrypted connection. This stands out and highlights the unique strength behind this botnet,” the company said.

Unlike more traditional botnets made up of Internet of Things (IoT) devices, Mantis employs hijacked virtual machines and powerful servers, adding to the overall computational strength of the botnet.

Cloudflare claims that Mantis is the next evolution of Meris botnet, the recent record-holder for the largest DDoS attack. Meris botnet relied on over 250,000 MikroTik network devices.

“Mantis has branched out to include a variety of VM platforms and supports running various HTTP proxies to launch attacks. The name Mantis was chosen to be similar to “Meris” to reflect its origin, and also because this evolution hits hard and fast,” the blog post read.

Threat actors behind the Mantis botnet targeted close to 1,000 Cloudflare customers since its discovery last month, carrying out over 3,000 attacks.

Botnet mainly targeted the Internet and Telecommunications industry with 36% of the attack share. The News, Media, and Publishing industry was the second most lucrative target, followed by Gaming and Finance.

Most of the targeted companies, a tad over 20%, were in the US. 15% of Mantis’ victims were in Russia. Targets in Turkey, France, Poland, and Ukraine each comprised around 5% of the total attack share.


Leave a Comment

Your email address will not be published.