1000 Cloudflare Customers Attacked by Mantis Botnet DDoS
Named Mantis by web protection firm Cloudflare, the botnet responsible for the greatest HTTPS distributed denial-of-service (DDoS) attack in June 2022 has been connected to over 3,000 strikes on almost 1,000 Cloudflare clients.
The HTTPS DDoS attack reached a record-high 26 million requests per second (PRS), with each node producing about 5,200 RPS, against an unnamed customer website using the Free plan.
More than 212 million HTTPS requests were made during the tsunami of junk traffic, which originated from more than 1,500 networks across 121 nations, with Indonesia, the U.S., Brazil, Russia, and India receiving the majority of them. Internet and telecom, media, gaming, finance, publishing, and retail are among the industry verticals that are most frequently attacked (36%).
Mantis is a small botnet, with around 5,000 of them, but because they are running on strong servers and hacked virtual machines, they have far more strength than their small size would indicate.
Omer Yoachimik, the product manager from Cloudflare, noted that the Mantis is the “next evolution” of the Meris botnet, which, the record breaker of last year, depended on Mikro Tik devices and hit a 22 million RPS DDoS assault. But unlike its predecessor, Mantis doesn’t use IoT devices like DVRs and routers.
The Mantis botnet employs a "small fleet" of bots that can swiftly produce great amounts of force and launch widespread HTTP DDoS attacks. These attacks are more "computationally expensive" since the attacker must create an encrypted transport layer security link.
DDos, along with other types of cyber threats such as malware, ransomware and phishing, etc. put countless businesses in jeopardy. In fact, according to Cloudflare, application-layer and network-layer DDoS attacks grew by 72% and 109% respectively in the second quarter of 2022.
Therefore, having a well-rounded data protection plan is a priority. Other than internet fences and personal awareness improvements such as firewall, security software, password authentication, and regular system updates. Is there any precautionary measure to take for the sake of the data themselves?
Of course, there is. Vinchin Backup & Recovery is a professional backup software that supports data backup, recovery, management and anti-ransomware protection across 11 platforms. (VMware, XenServer, etc.)
Frequent backups: Vinchin Backup & Recovery employs CBT (Changed Block Tracking)/SpeeKit (CBT substitute)-driven incremental backup on daily, weekly and monthly schedules to automate frequent backups as the recovery resources.
Anti-ransomware backup storage protection: The real-time I/O of the software detects and blocks any previously unknown anomalous access requests, which guarantees the only authorized and accessible subject is Vinchin backup server.
15s Instant recovery: Minimize RTO and business disruption with instant recovery that recovers a corrupted VM in 15s after a failure or disaster. Selecting target storage/network to restore and powering on the VM after restoring are available to customize recovery configurations.
Even though there are so many companies that fell victims to DDoS attacks and other cyber attacks, it doesn’t mean that we can do nothing in front of these all-pervasive internet threats. Instead, we can build a strategy and conduct it in an orderly fashion facing malicious actors, starting with data backup.