CloudFlare Customer Hit by 400 Gbps NTP-Based DDOS Attack
The attack is larger than the one that targeted Spamhaus last year
The DNS amplification distributed denial-of-service (DDOS) attack that targeted Spamhaus last year was said to be the largest one until that point. However, an even bigger attack has been observed by content delivery network CloudFlare.Over the past period, experts have often warned about DDOS attacks that abuse the Network Time Protocol (NTP). These types of attacks are even more powerful than ones that leverage domain name servers.
The attack targeted against one of CloudFlare’s customers peaked at over 400 Gbps, the company’s CEO, Matthew Prince, revealed on Twitter.
They’ve managed to mitigate the attack, but it was so big that it caused problems even for CloudFlare’s own network. Data centers in Europe were the most impacted by the attack.
Prince says they don’t have permission to disclose the name of the client targeted in the massive attack. However, he has hinted that they may have used stolen credit card information to pay for the DDOS mitigation services.
#protip: if you want us to stop a 400Gbps+ DDoS attack for you, don't pay with a stolen credit card.— Matthew Prince (@eastdakota) February 10, 2014
It’s uncertain if it’s related or not, but at around the same time, French hosting company OVH also reported being hit by a DDOS attack that passed the 350 Gbps mark.