Mantis: the most powerful botnet to date

The record-breaking distributed denial-of-service (DDoS) attack that Cloudflare mitigated last month originated from a new botnet called Mantis, which is currently described as "the most powerful botnet to date."


The attack peaked at 26 million requests per second that came from 5,067 devices. The previous record was held by the Mēris botnet, which launched an attack that spiked at 21.8 million requests per second.


DDoS mitigation company Cloudflare has been tracking Mantis botnet attacks against one thousand of its customers.


Not your ordinary botnet


Cloudflare explains in a report today that its analysts named the botnet Mantis after the Mantis Shrimp that can deliver devastating blows with its claws while being roughly 10 cm (4 inches) long. Similarly, the botnet is extremely powerful despite relying on a small number of devices.


Typical botnets need to compromise a large number of connected devices to accumulate sufficient firepower to deliver disrupting attacks against protected targets.


Mantis focuses on servers and virtual machines, which come with significantly more resources.


Generating many HTTPS requests is a resource-demanding process, so the more powerful the devices that constitute the botnet swarm, the more potent the DDoS attacks they can launch. The previous record holder, Mēris, achieved particularly strong attacks by recruiting MikroTik devices, which feature powerful hardware.


Mantis victims


Mantis targets entities in the IT and telecom (36%), news, media, and publications (15%), finance (10%), and gaming (12%) sectors. Over the past 30 days, Mantis launched 3,000 DDoS attacks against almost a thousand Cloudflare customers, the company notes.


Most of the targets are organizations in the United States (20%) and the Russian Federation (15%), while victims in Turkey, France, Poland, Ukraine, the UK, Germany, the Netherlands, and Canada each account for between 2.5% and 5%.


To help admins prepare for DDoS attacks, Cloudflare has issued a set of best preventative measures and guidance on how to respond to the attacks.


This article is translated from:

https://www.bleepingcomputer.com/news/security/mantis-botnet-behind-the-record-breaking-ddos-attack-in-june/
