There is a truly excellent video on Mirai's (the botnet or atleast code in question) origin. It was created in the Minecraft server community by teenagers. The botnet was huge to a point where Akamai had to get help from Google to mitigate an attack on krebs' security blog. It also was used to attack Dyn, the infrastructure provider, and resulted in a huge outage affecting Netflix, Twitter etc.

Sadly it's only in German, but if you are on desktop, you can auto-translate the subtitles.

https://www.youtube.com/watch?v=uletKRPMnuo

I've read that Cloudflare also hosts a lot of DDoS-for-hire services. That seems like a conflict of interest.

I always thought there should be more terabit attacks with the level of home connections nowadays

Assuming this is about telnxy outages this week and their migration to cloudflare. https://status.telnyx.com/

Maybe premature for cloudflare to be declaring victory?

Can’t they try take the bots offline? Do the bots hide their IP address or could they not start contacting the owners of said ip addresses and tell them they need to remove the infected device from the internet? I know it wouldn’t be that easy but is there nothing they can do to fight back and start getting rid of these bots?

What is with ddos these days?

Are they doing it for money ?

It just seems silly with services like cloud flare

> The entire attack lasted just one minute.

Did the attack last one minute because Cloudflare 'mitigated' it after that, or because the attackers stopped?

I was responsible for a website (one of a many of this kind) that provided access to a niche auction platform. At some point in the beginning of 2010s it became a subject of a precisely coordinated series of timed attacks designed to disrupt bidding of one of our prominent clients in the specific auctions. It was enough to bring down the service for ~5 minutes to prevent the client from winning.

Eventually we migrated behind CF and the problem was solved but I couldn't help but wonder if there are some applications for which even a few seconds disruption (I assume that's the minimum time Cloudflare needs to begin effectively mitigate the attack of this scale) will be disastrous and what could possibly be done in this case?

CF: Would it be asking too much to have a date and time stamp on your blog posts somewhere?

Whatever, guys... Nothing, NOTHING will make me think better of CloudFlare. I won't forgive you, CF, for captcha, tracking and blocking me from accessing a critical server from an airport! Burn in hell!