Mirai Botnet Targeted Wynncraft Minecraft Server, Cloudflare Reports

Performance and security company Cloudflare reported that it stopped a 2.5Tbps distributed denial-of-service (DDoS) attack in Q3 2022 launched by a Mirai botnet against Minecraft server Wynncraft.

The data comes from the company’s latest DDoS Threat Report, which includes insights and trends about the DDoS threat landscape in the third quarter of 2022.

“Multi-terabit strong DDoS attacks have become increasingly frequent. In Q3, Cloudflare automatically detected and mitigated multiple attacks that exceeded 1Tbps,” the company wrote in a blog post on Wednesday.

“The largest attack was a 2.5Tbps DDoS attack launched by a Mirai botnet variant, aimed at the Minecraft server, Wynncraft. This is the largest attack we’ve ever seen from the bitrate perspective.”

According to Cloudflare, the multi-vector attack consisted of UDP and TCP floods. Still, the Wynncraft server infrastructure held and “didn’t even notice the attack” since the security firm filtered it out for them.

“Even with the largest attacks […], the peak of the attacks were short-lived. The entire 2.5Tbps attack lasted about 2 minutes […]. This emphasizes the need for automated, always-on solutions. Security teams can’t respond quickly enough.”

More generally, however, Cloudflare said it noticed a 405% increase in Mirai DDoS attacks compared with the second quarter of 2022, alongside a general increment by other threat actors.

“Attacks may be initiated by humans, but they are executed by bots — and to play to win, you must fight bots with bots,” Cloudflare wrote.

“Detection and mitigation must be automated as much as possible because relying solely on humans puts defenders at a disadvantage.”

Among the most impactful DDoS attacks of the last few months worth mentioning are the August ones against Taiwanese Government sites, the ones targeting UK financial institutions in September and the KillNet ones disrupting the websites of several US airports earlier this month.