The siege of the West Coast of the United States began on the 23rd of November, 2016. A still-undetected piece of malware, employed by an as-yet-unidentified hacker or group of hackers, has been attacking the coast. This botnet has carried out massive DDoS (Distributed Denial of Service) attacks, reaching 400 Gbps and even more per day.
Even though the Mirai malware has recently been one of the most used malicious programs in DDoS attacks, this particular malware is a new and different malicious program, which operates by creating vast flocks of botnets and launching secondary DDoS attacks.
According to Cloudflare Inc., which, among other services, provides DDoS protection and security services, the attacks launched by this new unknown botnet are technically Layer 3 and Layer 4 floods sent via TCP. Here, Layer 3 refers to the network layer, while Layer 4 is the transport layer. Both layers belong to the OSI (Open Systems Interconnection) model, a seven-layer framework for implementing network protocols. The seven layers are the following: the physical, the data link, the network, the transport, the session, the presentation and the application layer. TCP refers to the Transmission Control Protocol, the standard that defines how data is exchanged across a network.
In their initial stage, the attacks began at the same hour each day, at around 18:00 UTC (Coordinated Universal Time), and lasted for about 8 hours, ending at 03:00 UTC. However, the recent attacks have increased enormously in duration. They now last for 24 hours straight without a break.
So far, this is all the news about this still-unsolved web traffic direction issue.