"AWS Said it Mitigated a 2.3 Tbps DDoS Attack, The Largest Ever"

Amazon's AWS shield service mitigated the largest DDoS attack ever recorded, stopping a 2.3 Tbps attack in February of this year. The attack was carried out by adversaries using hijacked CLDAP web servers and caused three days of "elevated threat" for AWS Shield Staff. CLDAP (Connection-less Lightweight Directory Access Protocol) is an alternative to Microsoft's LDAP protocol and is used to connect, search, and modify Internet-shared directories. CLDAP has been abused by adversaries to carry out DDoS attacks since late 2016. CLDAP servers are known to amplify DDoS traffic by 56 to 70 times its initial size, making it a highly sought-after protocol and a common option provided by DDoS-for-hire services.

ZDNet reports: "AWS Said it Mitigated a 2.3 Tbps DDoS Attack, The Largest Ever"