Cloudflare blocked a 2.5 Tbps DDoS attack aimed at the Minecraft server

Cloudflare mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers.

Cloudflare announced it has mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers.

The Cloudflare DDoS threat report 2022 Q3 states that multi-terabit massive DDoS attacks have become increasingly frequent. In Q3, the company mitigated multiple attacks that exceeded 1 Tbps.

The largest attack was a 2.5 Tbps DDoS attack against the Minecraft server, it was launched by a Mirai botnet.

“The largest attack was a 2.5 Tbps DDoS attack launched by a Mirai botnet variant, aimed at the Minecraft server, Wynncraft. This is the largest attack we’ve ever seen from the bitrate perspective.” states the report published by the company.

“It was a multi-vector attack consisting of UDP and TCP floods. However, Wynncraft, a massively multiplayer online role-playing game Minecraft server where hundreds and thousands of users can play on the same server, didn’t even notice the attack, since Cloudflare filtered it out for them.”

The malicious traffic was composed of UDP and TCP packets, the attack lasted for about two minutes.

The report also states that that application-layer DDoS attacks increased by 111% compared to last year. The researchers also noticed that L3/4 DDoS attacks powered by Mirai-based botnets increased by 405%

The Gaming / Gambling industry was the most targeted by L3/4 distributed denial of service attacks.

The report also states that Ransom distributed denial of service attacks increased compared to the last year.

“In Q3, 15% of Cloudflare customers that responded to our survey reported being targeted by HTTP DDoS attacks accompanied by a threat or a ransom note. This represents a 15% increase QoQ and 67% increase YoY of reported ransom DDoS attacks.” continues the report.

The country that was most targeted by HTTP DDoS attacks was Taiwan, the experts reported an increase of 200% compared to the last quarter, followed by Japan (+105%).

The countries most targeted by HTTP distributed denial of service attacks were the United States, followed by China, and Cyprus. Network-layer attacks targeted mainly hit targets in Singapore, the U.S., and China.

The experts also warn of the abuse of the BitTorrent file-sharing protocol that rose by over 1,200% QoQ.

The experts reported a resurgence of attacks abusing the CHARGEN protocol, the Ubiquity Discovery Protocol, and Memcached reflection attacks.

“Over the years, it has become easier, cheaper, and more accessible for attackers and attackers-for-hire to launch DDoS attacks. But as easy as it has become for the attackers, we want to make sure that it is even easier – and free – for defenders of organizations of all sizes to protect themselves against DDoS attacks of all types.” concludes the report.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Mirai)

[adrotate banner=”5″]

[adrotate banner=”13″]