This article is more than 1 year old

DDoS attacks up 149 percent as brassy booter kids make bank

Akamai report finds surge in weighty packets.

The number of distributed denial of service attacks rose 149 percent in dying months of 2015 according to Akamai's networking wonks.

The latest figures in the State of the Internet Q4 2015 report (PDF) tracked some 3693 DDoS attacks during the final quarter finding 169 percent uptick in infrastructure attacks.

Akamai finds each customer copped an average of 24 DDoS attacks compared to 17 in 2014, with each four hours shorter averaging 14.95 hours compared to as those tracked the year previous.

The report says botnet booter services are increasing using DNS, chargen, ntp, and other vulnerable servers to increase packet size. Those service have been made popular by hacking groups like Lizard Squad which built its fleet vulnerable hacked routers.

"In other words, while the average gigabits per second per attack increased, the average number of packets per second decreased," the report says.

"In fact, only three attacks exceeded 30 million packets per second in Q4, a statistic that has steadily decreased for several quarters.

"Sites offering booter tools are purportedly set up to allow administrators to load test their own sites. However, many of the sites are used as DoS-for-hire tools, relying on reflection attacks to generate traffic."

Origin countries

Image: Akamai.

The attacks are short-lived contributing to the drop in the average time of DDoS, the researchers say.

Five of the tracked attacks tipped 100Gbps, down from the eight registered the last months of 2014. One beast clocked 309Gbps.

The report further finds DNS-based traffic rose 92 percent, chargen traffic up 52 percent, and udp floods up 20 percent.

Gaming sectors were the most common targets of DDoS thanks to an anarchic user base that is also inclined to call in SWAT attacks where police raid the houses of live-streaming gamers.

Software and technology firms copped the second highest number of attacks, followed by financial services, internet and telcos.

Akamai did not say if particular sector DDoS were followed by monetary blackmail demands by attackers in order for the attacks to cease. ®

More about


Send us news

Other stories you might like