Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second
Like inform TheHackerNews: Web infrastructure company Cloudflare on Monday disclosed that it thwarted a record-breaking distributed denial-of-service (DDoS) attack that peaked at over 71 million requests per second (RPS). "The majority of attacks peaked in the ballpark of 50-70 million requests per second (RPS) with the largest exceeding 71 million," the company said, calling it a "hyper-volumetric" DDoS attack.
The adversarial collective, in March 2021, also emerged as one of the threat actors to exploit the ProxyLogon flaws in Microsoft Exchange Server to strike cybersecurity and procuring companies based in Eastern Europe.
Coinciding with Russia's military invasion of Ukraine last year, the Tonto Team was observed targeting Russian scientific and technical enterprises and government agencies with the Bisonal malware.
The attempted attack on Group-IB is no different in that the threat actor leveraged phishing emails to distribute malicious Microsoft Office documents created with the Royal Road weaponizer to deploy Bisonal.
"This malware provides remote access to an infected computer and allows an attacker to execute various commands on it," researchers Anastasia Tikhonova and Dmitry Kupin said in a report shared with The Hacker News.
Also employed is a previously undocumented downloader referred to as QuickMute by the Computer Emergency Response Team of Ukraine (CERT-UA), which is primarily responsible for retrieving next-stage malware from a remote server.
"The main goals of Chinese APTs are espionage and intellectual property theft," the researchers said. "Undoubtedly, Tonto Team will keep probing IT and cybersecurity companies by leveraging spear-phishing to deliver malicious documents using vulnerabilities with decoys specially prepared for this purpose."
What's Your Reaction?
