Cloudflare Recorded the Most Powerful DDoS Attack in the History of Observations

Over the weekend, Cloudflare blocked what it calls the most powerful DDoS attack in history to date. The most powerful wave of this attack reached 71 million RPS (requests per second).

The company said that they coped with more than one record attack, but repelled several powerful DDoS waves directed at its customers at once.

Let me remind you that such attacks are usually called “volumetric” and they differ from classic DDoS attacks, as in them attackers focus on sending as many unwanted HTTP requests as possible to the victim’s server in order to load its CPU and RAM, preventing users from using the target sites.

The previous record, which experts write about, was recorded by Google in the summer of 2022. Then an unnamed Google Cloud Armor client was subjected to a DDoS attack over the HTTPS protocol, which reached a capacity of 46 million requests per second.

According to Cloudflare analysts, the new record attack came from more than 30,000 IP addresses belonging to several cloud providers. The DDoS has been directed against a number of targets, including game providers, cloud computing platforms, cryptocurrency companies, and hosters.

The company emphasized that the attack was not related to the activity of the Killnet hack group or the Super Bowl last weekend.

The Cloudflare report also notes that the new records are quite consistent with the company’s recent research, according to which DDoS attacks become more frequent and more powerful every year:

1. the number of HTTP DDoS attacks increased by 79% compared to last year;
2. the number of “volume” attacks exceeding 100 Gbps increased by 67% compared to the previous quarter;
3. the number of attacks lasting more than three hours increased by 87% compared to the previous quarter.