CloudFlare has turned up an unusual form of denial-of-service attack: mobile advertisements that are pumping out around 275,000 HTTP requests per second.
The cloud outfit didn’t name the victim, but said the Layer 7 HTTP floods hitting the target are the latest example of a once-theoretical attack turning up in the real world.
London CloudFlare engineer Marek Majkowski says the difficulty in turning HTTP floods into a real attack was overcome using malicious JavaScript in an advertisement.
“Browser-based L7 floods have been rumored as a theoretical threat for a long time,” Majkowski says.
“It seems the biggest difficulty is not in creating the JavaScript — it is in effectively distributing it.
“Since an efficient distribution vector is crucial in issuing large floods, up until now I haven’t seen many sizable browser-based floods.”
CloudFlare copped 4.5 billion requests in a day of attacks against a customer domain, originating from around 650 thousand unique IP addresses.
Virtually all traffic came from mobile devices in China.