Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

AndyC 5 October 2024

Cloudflare has revealed that a historic distributed denial-of-service (DDoS) attack reaching up to 3.8 terabits per second (Tbps) was successfully thwarted, lasting for 65 seconds.

Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors
Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors

Cloudflare has revealed that a historic distributed denial-of-service (DDoS) attack reaching up to 3.8 terabits per second (Tbps) was successfully thwarted, lasting for 65 seconds.

The cybersecurity and web safeguarding organization stated that it repelled “over a hundred hyper-voluminous L3/4 DDoS attacks in the same month, some surpassing 2 billion packets per second (Bpps) and 3 terabits per second (Tbps).”

These high-volume L3/4 DDoS attacks have been persistent since the beginning of September 2024, focusing on various clients in the finance, Internet, and telecommunications sectors. The culprits behind the attacks remain unidentified.

The earlier record for the most extensive volumetric DDoS assault peaked at 3.47 Tbps in November 2021, targeting an undisclosed Microsoft Azure customer based in Asia.

CybersecurityRecently exposed vulnerabilities in the Common UNIX Printing System (CUPS) for Linux might serve as a potential channel for launching DDoS assaults with a 600x magnification ratio within seconds.

Analysis conducted by the firm has revealed that out of approximately 198,000 devices accessible on the public web, more than 58,000 (about 34%) could be utilized to execute DDoS attacks.

“The issue arises when a malicious actor dispatches a carefully crafted packet indicating the target’s address as if it were a printer to be added,” as stated by Larry Cashdollar, Kyle Lefton, and Chad Seaman, the researchers mentioned.

Cloudflare

“Upon sending each packet, the vulnerable CUPS server will create a larger IPP/HTTP request, partially controlled by the attacker, directed at the specified target. Consequently, not only the target is impacted, but also the host of the CUPS server falls prey, as the attack drains its network bandwidth and CPU resources,” the researchers added.

It has been approximated that there are around 7,171 systems with exposed CUPS services via TCP that are susceptible to CVE-2024-47176, according to Censys clarified. This is considered a conservative estimate as “more CUPS services appear to be reachable via UDP than TCP.”

Businesses are urged to contemplate uninstalling CUPS if printing functionality is unnecessary and to restrict the service ports (UDP/631) with a firewall, especially if they are open to the wider internet.

Enjoyed this piece? Get more insights by following us on Twitter and LinkedIn.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , ,

More Stories

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Vulnerability

AndyC 20 December 2025
Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

Nigeria Arrests RaccoonO365 Phishing Developer Linked to Microsoft 365 Attacks

AndyC 20 December 2025
New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

New UEFI Flaw Enables Early-Boot DMA Attacks on ASRock, ASUS, GIGABYTE, MSI Motherboards

AndyC 20 December 2025
China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

China-Aligned Threat Group Uses Windows Group Policy to Deploy Espionage Malware

AndyC 19 December 2025
HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution

AndyC 19 December 2025
ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories

AndyC 19 December 2025

You may have missed

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

AndyC 20 December 2025
Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

AndyC 20 December 2025
Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

Containing the Inevitable: What Cyber Leaders Must Prepare for in 2026

AndyC 20 December 2025
The WAF must die – some interesting thoughts – FireTail Blog

The WAF must die – some interesting thoughts – FireTail Blog

AndyC 20 December 2025
The WAF must die – some interesting thoughts – FireTail Blog

The WAF must die – some interesting thoughts – FireTail Blog

AndyC 20 December 2025

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.