HyperAI

Well-known Technology Community Suffered DDoS Attack for Three Consecutive Days, With up to 200,000 Requests Per Second

5 years ago
Big factory news
Information
神经小兮
特色图像

V2EX, a well-known technology and creative community, has been attacked by DDoS for three consecutive days. The attack sources came from IPs in more than 200 countries and regions, and the attack has not stopped yet.

V2EX has been under DDoS attack for three consecutive days and the attack has not stopped yet.

According to data provided by V2EX founder Livid,The website was hit with 12 million requests per minute.

Many users said that V2EX seemed to have been attacked

Livid tweeted: “These massive, distributed attacks were coming from over 200 countries and regions, with as many as 100,000 to 200,000 requests per second.”

He also tagged Cloudflare CEO Matthew Prince and asked for help: "My website has been under attack for three days, and the attacker seems to have successfully bypassed Cloudflare's captcha mechanism."

Therefore, the attackers this time look very professional.

Currently Livid saidI had to rely on hand-writing firewall rules to mitigate the situation, and Cloudflare engineers are working to resolve it.

V2EX is a technology and creative community where users discuss topics such as programming, design, hardware, and games. There are many programmers and designers among the users. There are also many posts about DDoS defense in the community. Now, I wonder if the methods shared before can be used now.

V2EX DDoS protection provider, known as a cybersecurity unicorn

DDoS protection for the V2EX website is provided by Cloudflare.

Cloudflare was founded in 2009 and is headquartered in San Francisco. It mainly provides customers with DDoS protection, web application firewalls, reverse proxy-based content delivery networks (Content Delivery Network, CDN), domain name servers and related technical support.

When the company was first established, it attracted attention after its services successfully resisted attacks designed by the hacker group LulzSec.

Cloudflare was officially listed on the New York Stock Exchange on September 13, 2019,Share price surged more than 25% on first day of IPO

Cloudflare's ultimate goal is to become the "first stop" for everyone to access the web.It stands between Internet visitors and servers, providing a wide range of security and acceleration services.

Before its listing, the company was valued at over 20 billion yuan and was known as a cybersecurity unicorn.

However, as one of Cloudflare's customers, V2EX has been frequently attacked in recent years. In April 2015, Livid tweeted that "V2EX is being attacked by DDoS. The port is full."

DDoS: Simple, crude and difficult to prevent

DDoS (Distributed Denial of Service) refers to a distributed denial of service attack, which is one of the most common network attack methods.The attack method can be described as simple and crude.

The attacker controlled multiple computers in different areas to attack the target server.The purpose is to force the other party's network or system to exhaust its resources, forcing it to suspend services and making it inaccessible to normal users.

There is a metaphor that DDoS attacks are like causing traffic jams.,Blocking regular traffic from reaching its intended destination

Exploited machines can include computers and other Internet-connected resources, such as IoT devices, which are often referred to as “bots.”

In recent years, many large websites have also been plagued by DDoS attacks.

In October 2016,According to user feedback, hundreds of websites including Twitter, Spotify, Netflix, Github, Airbnb, Visa, CNN, and the Wall Street Journal were inaccessible and could not be logged in. It was later determined that the "network outage" was caused by a large-scale DDoS attack on Dyn, the main DNS service provider in the United States. Dyn said that the attack came from more than 10 million IP sources.

In the early morning of March 1, 2018,GitHub suffered the worst DDoS network attack in history, with peak traffic reaching an unprecedented 1.35Tbps. Even in this community with the largest concentration of programmers in the world, it was not spared from the clutches of DDoS. According to foreign media reports, the attacker used a previously disclosed Memcached vulnerability to carry out the attack, which can multiply the effect of the attack and is called a DRDoS reflection attack.

In October 2019,AWS DNS server suffered a severe DDoS attack, causing it to be paralyzed for 15 hours.

According to the "2019 DDoS Threat Report" released by Tencent Cloud, the DDoS attack situation remained severe in 2019, and the proportion of DDoS attacks in emerging popular industries such as live streaming and e-commerce also increased significantly.

Report shows that the gaming industry is a major target for hackers

In terms of attack peak,Since the industry discovered a peak of 1.94 Tbps in 2018, DDoS attacks reaching the TB level are no longer an isolated incident.At the same time, overseas attacks accounted for 15%, almost double the 8% in 2018.

-- over--