UltraMagnus0001@lemmy.world
on 21 Jun 10:41
nextcollapse
What site was attacked? I don’t think the article mentions it.
Found stuff
“Telefonica Brazil (AS27699) accounted for the largest portion of the DDoS attack traffic, responsible for 10.5% of the total. Viettel Group (AS7552) follows closely with 9.8%, while China Unicom (AS4837) and Chunghwa Telecom (AS3462) contributed 3.9% and 2.9% respectively. China Telecom (AS4134) accounted for 2.8% of the traffic.”
The disclosure comes as the QiAnXin XLab team said the DDoS botnet tracked as RapperBot was behind an attack aimed at artificial intelligence (AI) company DeepSeek in February 2025, and that the latest samples of the malware attempt to extort victims, demanding they pay “protection fees” to avoid being targeted by DDoS attacks in the future.
China, the United States, Israel, Mexico, the United Kingdom, Greece, Iran, Australia, Malaysia, and Thailand are the primary countries where devices infected by RapperBot are located. The botnet is known to be active since 2022.
threaded - newest
What site was attacked? I don’t think the article mentions it.
Found stuff “Telefonica Brazil (AS27699) accounted for the largest portion of the DDoS attack traffic, responsible for 10.5% of the total. Viettel Group (AS7552) follows closely with 9.8%, while China Unicom (AS4837) and Chunghwa Telecom (AS3462) contributed 3.9% and 2.9% respectively. China Telecom (AS4134) accounted for 2.8% of the traffic.”
The disclosure comes as the QiAnXin XLab team said the DDoS botnet tracked as RapperBot was behind an attack aimed at artificial intelligence (AI) company DeepSeek in February 2025, and that the latest samples of the malware attempt to extort victims, demanding they pay “protection fees” to avoid being targeted by DDoS attacks in the future.
China, the United States, Israel, Mexico, the United Kingdom, Greece, Iran, Australia, Malaysia, and Thailand are the primary countries where devices infected by RapperBot are located. The botnet is known to be active since 2022.
thehackernews.com/…/massive-73-tbps-ddos-attack-d…
It seems Deepseek has been a target for a while. Possibly to eliminate competition and national security since there is a govt AI push.
Cloudflare presumably don’t want to give away the identity of their customer.
The botnet is most likely build by exploiting vulnerable routers or cameras. Adding these devices to a overall botnet. What do you think?
Why speculate when you can just find out? There are plenty of articles describing rapperbot.
It was TotallyRealSiteWeAreALegitimateCompanyPleaseKeepPayingUs.com
Thank you for saving me a click
CloudFlare keeps blocking me, so I take their accomplishments with a grain of salt.
Their mitigation comes at the cost of legitimate users being blocked, despite correctly identifying the bicycles in 16 different captchas in a row…
Yes this is propoganda garbage. I wouldn’t miss cloud flare for a second.
Sorry y’all, that was me trying to update my jellyfin metadata
Really has “trust me bro” energy.