Cloudflare Issues Advisory About Mantis Botnet Behind the Most Powerful DDoS Attack
The internet infrastructure firm Cloudflare has released an advisory about a powerful botnet dubbed Mantis. The botnet was behind the largest-ever HTTPS-based distributed denial-of-service (DDoS) attack in June 2022 and has targeted around 1,000 customers in the past few weeks.
Cloudflare explained that its security team mitigated the record-breaking DDoS attack last month, which reached a peak of 15.3 million requests per second (rps). The Mantis botnet utilizes a small fleet of bots (more than 5,000) to disrupt businesses.
Interestingly, these HTTPS-based DDoS attacks require more computing power due to the higher cost of establishing a secure TLS connection over the internet. It’s one of the reasons that the botnet uses virtual machines (VMs) and servers to launch the attack rather than relying on home gateways and Internet of Things (IoT) devices.
“Mantis is the next evolution of the Meris botnet. The Meris botnet relied on MikroTik devices, but Mantis has branched out to include a variety of VM platforms and supports running various HTTP proxies to launch attacks. The name Mantis was chosen to be similar to ‘Meris’ to reflect its origin, and also because this evolution hits hard and fast,” Cloudflare said.
How to prevent Mantis and other DDoS attacks
As reported by Cloudflare researchers, the Mantis botnet has successfully compromised 36 percent of customers in the internet and telecommunications sector. It has also targeted 15 percent of news organizations, followed by games publishers and finance firms (around 12 percent).
Additionally, Cloudflare notes that more than 20 percent of victims are based in the United States, and over 15 percent of the DDoS attacks targeted Russian companies. Other common targets include the UK, France, Canada, Turkey, China, Poland, Ukraine, and other countries.
Cyber attacks on small businesses and large organizations are becoming more frequent and targeted amid Russia’s invasion of Ukraine. Cloudflare has detailed some preventive strategies and a step-by-step guide on responding to DDoS attacks, and you can find more details on this support page.