Similar to the attack in April, the attack mainly came from cloud service providers rather than residential Internet service providers. This means that virtual machines and servers in the data center are hijacked to carry out attacks, rather than the previously used Internet of things (IoT) devices.
The botnet that carried out the attack was made up of 5067 devices, and at the peak of the attack, each node sent 5200 requests per second.
Cloudflare pointed out that the attack was carried out through HTTPS, which means not only spending more money to launch the attack, but also trying to deal with the attack. The botnet attacks came from 121 countries, with Indonesia, the United States, Brazil and Russia receiving the most requests from their countries, and even 3 per cent of the attacks were carried out through Tor connections.
Cloudflare said that all customers of its free and professional CDN packages are protected from downtime caused by similar attacks, and not only that, such protection is free and unlimited, so customers will not be charged more for services regardless of the size or duration of the attack.