KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS (krebsonsecurity.com)
(Tuesday May 20, 2025 @11:30PM (BeauHD)
from the under-attack dept.)
- Reference: 0177663611
- News link: https://tech.slashdot.org/story/25/05/20/2215258/krebsonsecurity-hit-with-near-record-63-tbps-ddos
- Source link: https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/
KrebsOnSecurity was [1]hit with a near-record 6.3 Tbps DDoS attack , believed to be a test of the powerful new Aisuru IoT botnet. The attack, lasting under a minute, was the largest Google has ever mitigated and is linked to a DDoS-for-hire operation run by a 21-year-old Brazilian known as "Forky." Brian Krebs writes:
> [Google Security Engineer Damian Menscher] said the attack on KrebsOnSecurity lasted less than a minute, hurling [2]large UDP data packets at random ports at a rate of approximately 585 million data packets per second. "It was the type of attack normally designed to overwhelm network links," Menscher said, referring to the throughput connections between and among various Internet service providers (ISPs). "For most companies, this size of attack would kill them." [...]
>
> The 6.3 Tbps attack last week caused no visible disruption to this site, in part because it was so brief -- lasting approximately 45 seconds. DDoS attacks of such magnitude and brevity typically are produced when botnet operators wish to test or demonstrate their firepower for the benefit of potential buyers. Indeed, Google's Menscher said it is likely that both the May 12 attack and the slightly larger 6.5 Tbps attack against Cloudflare last month were simply tests of the same botnet's capabilities. In many ways, the threat posed by the Aisuru/Airashi botnet is [3]reminiscent of Mirai , an innovative IoT malware strain that emerged in the summer of 2016 and successfully out-competed virtually all other IoT malware strains in existence at the time.
[1] https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/
[2] https://docs.aws.amazon.com/whitepapers/latest/aws-best-practices-ddos-resiliency/udp-reflection-attacks.html
[3] https://it.slashdot.org/story/16/10/03/1359200/source-code-for-iot-botnet-mirai-which-took-down-krebs-on-security-website-with-ddos-attack-released
> [Google Security Engineer Damian Menscher] said the attack on KrebsOnSecurity lasted less than a minute, hurling [2]large UDP data packets at random ports at a rate of approximately 585 million data packets per second. "It was the type of attack normally designed to overwhelm network links," Menscher said, referring to the throughput connections between and among various Internet service providers (ISPs). "For most companies, this size of attack would kill them." [...]
>
> The 6.3 Tbps attack last week caused no visible disruption to this site, in part because it was so brief -- lasting approximately 45 seconds. DDoS attacks of such magnitude and brevity typically are produced when botnet operators wish to test or demonstrate their firepower for the benefit of potential buyers. Indeed, Google's Menscher said it is likely that both the May 12 attack and the slightly larger 6.5 Tbps attack against Cloudflare last month were simply tests of the same botnet's capabilities. In many ways, the threat posed by the Aisuru/Airashi botnet is [3]reminiscent of Mirai , an innovative IoT malware strain that emerged in the summer of 2016 and successfully out-competed virtually all other IoT malware strains in existence at the time.
[1] https://krebsonsecurity.com/2025/05/krebsonsecurity-hit-with-near-record-6-3-tbps-ddos/
[2] https://docs.aws.amazon.com/whitepapers/latest/aws-best-practices-ddos-resiliency/udp-reflection-attacks.html
[3] https://it.slashdot.org/story/16/10/03/1359200/source-code-for-iot-botnet-mirai-which-took-down-krebs-on-security-website-with-ddos-attack-released
Great test (Score:2)
by viperidaenz ( 2515578 )
They showed the world that their botnet is not capable of hurting any site with Google or Cloudflare ddos protection. That the target doesn't even notice something happened until they hear about it in the news.
Time to classify this as terrorism (Score:2, Insightful)
And invest appropriate effort into finding these cretins ...
Re: Time to classify this as terrorism (Score:2)
they know who it is, read the summary.
Re:Time to classify this as terrorism (Score:5, Informative)
Wrong. Brian Krebs lives with his wife Jennifer in Northern Virginia as it says on the [1]About the Author [krebsonsecurity.com] page on his website.
[1] https://krebsonsecurity.com/about/
Re: (Score:2)
No he doesn't. Don't just make shit up. And if he was "beholden to putin" , he'd have fallen out a window long ago for constantly exposing russian hacking and disinfo plots.