October 7, 2024 at 05:29PM
A new Mirai variant named GorillaBot unleashed 300,000 DDoS attacks last month, impacting 20,000 organizations globally. The attacks primarily used UDP flood and TCP ACK Bypass methods, targeting 113 countries. GorillaBot, based on Mirai code, introduces 19 DDoS attack methods, posing a growing challenge for affected organizations to mitigate. This rise in bad bot traffic presents significant threats, with DDoS attacks becoming a common use case for bad bots across various industries.
The meeting notes detailed an alarming surge in Distributed Denial-of-Service (DDoS) attacks involving a new Mirai variant called GorillaBot. The attacks launched 300,000 times, impacting around 20,000 organizations globally, with nearly 4,000 in the US alone. The threat actor behind GorillaBot attempted to overwhelm target networks with UDP and TCP ACK Bypass flood attacks. Notably, GorillaBot supports multiple architectures and deploys various attack methods, making it challenging for organizations to address due to the different mitigation approaches required.
Additionally, the notes highlighted a rising trend in bad bots, with traffic from such bots currently accounting for 32% of all online traffic, according to Imperva’s analysis. This increase represents a nearly 2% rise from the prior year, emphasizing the growing threat posed by bad bots like GorillaBot. Moreover, the “Bad Bot Report” from Imperva found that DDoS attacks were a significant use case for bad bots, particularly in industries such as gaming, telecom, ISP, healthcare, and retail, suggesting a broad impact on various sectors.
These meeting notes paint a concerning picture of the evolving threat landscape posed by DDoS attacks and bad bots, underscoring the need for robust defense strategies to mitigate potential disruptions to organizations’ operations.