BleepingComputer reports that distributed denial-of-service attack sizes have increased since 2023, peaking at 840 million packets per second in April, the highest on record, amid persistently elevated bit rates and packet rates during the past year and a half.
Such a record-breaking DDoS intrusion stemmed from 5,000 source IPs, with most packets originating from U.S.-based MiktroTik Cloud Core Routers, particularly the CCR1036-8G-2S+ and CCR1072-1G-8S+ models, according to a report from OVHcloud, which discovered and averted the attack. MiktroTik devices have also been used in several other high packet rate attacks during the study period, with threat actors believed to be exploiting the "Bandwidth Test" functionality within MikroTik RouterOS. Moreover, researchers said DDoS attacks reaching 2.28 billion packets per second could be deployed by compromising only 1% of the 100,000 internet-exposed MikroTik routers. The findings come after MikroTik devices have been used to support the powerful Meris botnet.