Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
The KrebsOnSecurity website was recently hit by a denial-of-service attack that peaked at 6.3 terabits of data per second.
As a rule, journalists generally don’t like to be the headline in their own articles, but when you get hit by possibly the second-largest distributed denial-of-service (DDoS) attack in history, you kind of have no choice.
That’s exactly what happened to cyber security investigator and journalist Brian Krebs after his website was the target of the massive attack on 12 May, which he wrote about on 20 May.
The attack – which was measured at a massive 6.3 terabits of data per second – was 10 times the size of a previous attack on the site in 2016. That attack was perpetrated by the Mirai internet of things (IoT) botnet and took Krebs’ site down for four days.
Krebs believes this attack came from a similar – though far larger and more dangerous – IoT botnet. As Krebs’ site, KrebsOnSecurity, was protected by Google’s Project Shield, Krebs was able to learn more about the attack from one of Google’s security engineers, Damian Menscher, who told Krebs that this attack was second only to one that Cloudflare handled in April, and was certainly the largest that Google had ever had to deal with.
“After comparing notes with Cloudflare, Menscher said the botnet that launched both attacks bears the fingerprints of Aisuru, a digital siege machine that first surfaced less than a year ago,” Krebs said in a blog post.
“Menscher said the attack on KrebsOnSecurity lasted less than a minute, hurling large UDP data packets at random ports at a rate of approximately 585 million data packets per second.”
According to Menscher, an attack of this size would kill most companies.
The Aisuru botnet is commonly shopped around on various Telegram channels and can be rented on a daily or weekly basis, for US$150 and US$600, respectively. The botnet appears to be linked to the owner of a Brazilian DDoS defence firm and ISP, Botshield.
Krebs and Menscher both believe this attack, and the April one, were either tests or demonstrations of the botnet’s capabilities.
“In many ways, the threat posed by the Aisuru/Airashi botnet is reminiscent of Mirai, an innovative IoT malware strain that emerged in the summer of 2016 and successfully out-competed virtually all other IoT malware strains in existence at the time,” Krebs said.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
