Hacktivists summoned up a massive and previously undocumented 300Gbps DDoS attacks earlier this summer by exploiting an obscure motherboard-level flaw on 100,000 unpatched servers, according to VeriSign.
As reported by Techworld, an unidentified data centre found itself on the receiving end of a determined DDoS “siege”, which started with a three-hour SYN and TCP flood, a standard softening up process.
After mitigation, the attackers changed tack not long after to use large UDP packets, quickly reaching a peak traffic volume of 250Gbps that required VeriSign to start shuffling the load around its global capacity. For the following 24 hours, the mitigation systems had to cope with more than 30 short but large bursts of UDP and TCP as the attackers probed for weaknesses.