Mirai botnet targets Wynncraft Minecraft with DDoS attack
Security company Cloudflare recently ended a 2.5 Tbps distributed denial-of-service (DDoS) attack launched by a Mirai botnet. The company announced the incident while pointing to an increase in multi-terabit DDoS attacks and longer-lasting volumetric attacks during this timeframe.
Researcher Omer Yoachimik describes the bug as a “multi-vector attack consisting of UDP and TCP floods.” He explained that the DDoS attack in question targeted the Minecraft server Wynncraft in the third quarter of 2022.
“The entire 2.5 Tbps attack lasted about 2 minutes, and the peak of the 26 million rps attack [was] only 15 seconds. This is the largest attack we’ve ever seen from the nitrate perspective. Over the years, it has become easier, cheaper and more accessible for attackers and attackers-for-hire to launch DDoS attacks,” explained Yoachimik.
While the disclosure comes nearly 10 months after Microsoft claimed to have stopped a record-breaking 3.47 Tbps DDoS attack in November 2021 on an unnamed customer in Asia, it also confirms recent claims that attackers are now doing everything they can to launch DDoS attacks on organizations using sophisticated tools.
Ransom DDoS attacks, in which threat actors demand financial compensation to stop attacks, have already increased 15% quarter-on-quarter and jumped 67% year-on-year.
Researchers noted an increase in attacks on Taiwan and Japan. In the case of application layer DDoS attacks, also known as HTTP DDoS attacks, the attacks specifically target companies in the U.S., China and Cyprus, and most of the attacks originate from China, India and the U.S.
Researchers have also discovered that attacks on network layers, also known as Layer 3 DDoS attacks, have been recorded against gaming, telecommunications and IT service sectors in Singapore, U.S. and China.
A distributed denial-of-service attack is a malicious attempt that seeks to disrupt the normal traffic of a targeted server, server, or network by flooding the target or its surrounding infrastructure with a flood of internet traffic. Simply put, it is an attack that can be likened to an unexpected traffic jam clogging the highway and preventing regular traffic from reaching its destination.
To achieve their goal, this type of attack use several infected computer systems as a source of attack traffic. Exploited machines include computers and IoT devices.
It is therefore important that organizations take security measures to protect themselves from DDoS attacks by implementing security measures and frameworks.
The sources for this piece include an article in TheHackerNews.