150,000 IoT Devices behind the 1Tbps DDoS attack on OVH

The hosting provider OVH continues to face massive DDoS attacks launched by a botnet composed at least of 150000 IoT devices.

Last week, the hosting provider OVH faced 1Tbps DDoS attack, likely the largest one ever seen.

The OVH founder and CTO Octave Klaba reported the 1Tbps DDoS attack on Twitter sharing an image that lists the multiple sources of the attack.

“Last days, we got lot of huge DDoS. Here, the list of “bigger that 100Gbps” only. You can see the simultaneous DDoS are close to 1Tbps !” said Klaba.

Klaba explained that the servers of its company were hit by multiple attacks exceeding 100 Gbps simultaneously concurring at 1 Tbps DDoS attack. One of the attacks documented by the OVH reached 93 MMps and 799 Gbps.

Klaba speculated the attackers used an IoT botnet composed also of compromised CCTV cameras. Now we have more information on the

Now Klaba added further information on the powerful DDoS attacks, the CTO of the OVH claimed that the botnet used by attackers is powered by more than 150,000 Internet of Things (IoT) devices, including cameras and DVRs.

The overall botnet is capable of launching attacks that exceed 1.5 Tbps.

The bad news for the OVH company is that attacks are still ongoing and the size of the botnet is increasing.

“+6857 new cameras participated in the DDoS last 48H.” added Klaba.

The company was targeted by various types of traffic, including Generic Routing Encapsulation (GRE) traffic, a novelty in the DDoS landscape.

Unfortunately, such kind of DDoS attacks will be even more frequent, it is too easy for hackers gain control of poorly configured, or vulnerable, IoT devices.

Last week experts observed another massive DDoS that targeted the website of the popular cyber security expert Brian Krebs. Krebsonsecurity was targeted by a DDoS attack of 665 Gbps.

The attacks against OVH and Krebsonsecurity are the largest ones reported so far.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – 1 Tbps DDoS attack, IoT)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.