News

Chinese Devices Mount Massive DDoS Web Attack

Cyber attacks are an increasing and dangerous threat which is perpetrated by groups and countries alike, these attacks are a substantial threat to free speech, livelihoods of website operators and also the whole infrastructure of the Internet. It’s no surprise to learn that a huge DDoS attack against a target website resulted in 650,000 devices being unwittingly enrolled into a giant cyber attack which overwhelmed its target.

And where did this attack originate from? That’s right, our friends over at the democracy-suppressing Truman Show style country that is China. The attack transmitted a staggering 4.5 billion separate requests for data in one day to the target destination. Below is an image which analyses the log timeframe of HTTP requests per hour, as you can see, requests for data ramped up dramatically within only a relatively small period of time before dissipating.

Since the attack had been levelled at a client of US Company CloudFlare, they were able to “write a dedicated script and were able to further analyze 17M log lines, about 0.4% of the total requests” They found that 99.8% of the flood was originating from China while 0.2% was labelled as “Other” They were also able to determine that 80% of the requests came from mobile devices .

So, how is it possible to booby trap an amazingly high number of devices? CloudFlare security analyst Marek Majkowski speculated that an ad network might have been the root cause which was compromised and used as a distribution vector for the attack. “It seems probable that users were served advertisements containing malicious JavaScript. These ads were likely shown in iframes within mobile apps, or mobile browsers to people while they were casually browsing the internet”

Think of this speculated but plausible scenario like this, while a user was browsing the Internet or through an app, he or she was served an iframe which contained an advertisement. This ad had been requested from an ad network who then forwarded the request to a third-party that won the ad auction. This meant that either the third-party was the “attack page” or it forwarded the user to an attack page, by doing this the user was served a page containing malicious Java Script which then launched a flood of XHR requests against CloudFlare servers.

CloudFlare have declined to name the company which had their server attacked but are warning against future cyber attacks with the same level of intensity. It’s a worrying trend which has many outlets including the Darth Vader weapon of choice “The Great Cannon.” This is also not serving the long-established technique of serving ads to consumers via the Internet, if advertisements are increasingly being injected with malicious code, consumers are going to use extensions to block them.

The Internet connects the world and is seen as a necessity and therefore a human right by powerful individuals, what countries want you to see on the net, well, that’s a whole different ball game.

Thank you blog.cloudflare for providing us with this information.

Image courtesy of cloudpro

Christopher Files

Disqus Comments Loading...

Recent Posts

Electronic Arts Titles Played for Over 11 Billion Hours in 2024

Electronic Arts (EA) announced today that its games were played for over 11 billion hours…

2 days ago

Just 15% of Steam Gaming Time in 2024 Was Spent on New Releases

Steam's annual end-of-year recap, Steam Replay, provides fascinating insights into gamer habits by comparing individual…

2 days ago

STALKER 2 Gets Massive 110GB Patch With 1800+ Fixes

GSC GameWorld released a major title update for STALKER 2 this seeking, bringing the game…

2 days ago

Intel Unveils Core 200H Processors Based on the Previous Raptor Lake Refresh

Without any formal announcement, Intel appears to have revealed its new Core 200H series processors…

3 days ago

Ubisoft Reportedly Developing a New Quadruple A Game

Ubisoft is not having the best of times, but despite recent flops, the company still…

3 days ago

STALKER 2: Heart of Chornobyl Update 1.1 Fixes 1,800 Issues and Revamps A-Life 2.0

If you haven’t started playing STALKER 2: Heart of Chornobyl yet, now might be the…

3 days ago