Google Cloud Armor protects customers from largest HTTPS DDoS attack

Google Cloud Armor protects customers from largest HTTPS DDoS attack

San Francisco, Aug. 211, 2022

Google has protected a cloud customer from a Meris botnet attack with its Google Cloud Cupid DDoS protection service. This was the largest attack of its kind to date.

On June 1 at 9:45 a.m. PT sharp, the attackers began bombarding the customer’s HTTP/S load balancer with HTTPS requests. Initially it was 10,000 rps, but a few minutes later the attackers had cranked it up to 100,000 rps. It continued at this pace. Until the peak of 46 million rps was reached about 10 minutes later.

According to Google researchers‘ analysis, the traffic of the HTTPS DDoS attack ran through 5,256 IP addresses in 132 countries . Google kept mum about the type of malware associated with the attack. However, analysis of the origin of the attack points to the involvement of Mēris, a botnet behind two previous DDoS record holders (17.2 million RPS and 21.8 million RPS, respectively).
Obviously, DdoS attacks are currently the preferred tool among threat actors. Cloudflare alone reported a 175% increase for the fourth quarter of 2021. Microsoft managed to prevent the largest DDoS attack ever (not to be confused with HTTPS – DDoS), which reached 3.47 terabits per second.