The largest HTTPS DDoS attack recently mitigated by Cloudflare was initiated by the Mantis botnet.
In June 2022, DDoS mitigation company Cloudflare announced that it had mitigated the largest HTTPS DDoS attack launched by a botnet called Mantis.
Mantis botnet creation 26 million requests per second It uses about 5000 hijacked virtual machines and powerful servers.
“The Mantis botnet was able to generate 26 million HTTPS requests per second using: only 5,000 bots. Repeat: 26 million HTTPS requests per second only 5,000 bots. This is an average of 5,200 HTTPS rps per bot. Generating 26 million HTTP requests is hard enough to do without the additional overhead of establishing a secure connection, but Mantis has done more than that. HTTPS.” read report Published by Cloudflare.
While experts consider Mantis to be an evolution of the Meris botnet comprised of MikroTik devices, Mantis carries out its attacks by covering different VM platforms and supporting different HTTP proxy executions.
Cloudflare reported that Mantis was involved in attacks on thousands of customers. Over the past month, Mantis has launched over 3,000 HTTP DDoS attacks against Cloudflare customers.
The majority of Mantis attacks targeted organizations in the internet and telecommunications industries (36%), followed by the news, media and publishing industries (15%), gaming (12%), and finance (10%).
The majority of target organizations are in the United States (20%), followed by Russian-based companies (15%), followed by less than 5% in Turkey, France, Poland and Ukraine.
Mantis is regarded by experts as the most powerful botnet to date, and for this reason it is likely to be involved in many other attacks in the coming months.
Follow me on Twitter: @securityaffairs and Facebook
(security work – Hacking, Mantis)
share