Bigger Than Mirai: Leet Botnet Delivers 650 Gbps DDoS Attack (betanews.com)
Reader Mark Wilson writes: Earlier in the year, a huge DDoS attack was launched on Krebs on Security. Analysis showed that the attack pelted servers with 620 Gbps, and there were fears that the release of the Mirai source code used to launch the assault would lead to a rise in large-scale DDoS attacks. Welcome Leet Botnet. In the run-up to Christmas, security firm Imperva managed to fend off a 650 Gbps DDoS attack. But this was nothing to do with Mirai; it is a completely new form of malware, but is described as "just as powerful as the most dangerous one to date". The concern for 2017 is that "it's about to get a lot worse". Clearly proud of the work put into the malware, the creator or creators saw fit to sign it. Analysis of the attack showed that the TCP Options header of the SYN packets used spelled out l33t, hence the Leet Botnet name.
Should rename these from IoT devices to Internet of DDoS devices.
I know very well, thank you. Enough to know that trying to filter at the target of attacks is practically useless, which is why I am asking if there is any way that I do not know yet to solve the problem at the other end of the connection. And to avoid another dumb response from you, I already know that filtering at the source of the attacks is difficult. If it were easy I would not be asking for alternatives.
Religion: The greatest weapon of mass destruction of all time
Ok, everybody who was affected by this, raise your hands! Anybody?
These DDOS attacks are mildly interesting but irrelevant in the grander scheme of things. Given the nature of the attack payloads, it probably would have been effective at less than 100 Gbps so why hype the new high watermark? AFAIK, DDOS isn't a huge money maker so this isn't a threat in the same league as ransomware.
Quit trying to promote vandalism as news and maybe, just maybe it will become less interesting a thing to do.
Average Intelligence is a Scary Thing