A massive HTTPS distributed denial of service (DDoS) attack against an undisclosed organisation has highlighted a new trend among attackers of exploiting large-scale cloud computing services to build their botnets, rather than compromising consumer endpoints and devices.
The attack against an unnamed Cloudflare customer, a cryptocurrency launchpad operator specialising in surfacing decentralised finance projects to potential investors, was thwarted earlier in April 2022, and although it lasted less than 15 seconds, made approximately 15.3 million requests-per-second (rps), making it one of the largest HTTPS DDoS attacks ever seen.