Linux Botnets Responsible for Nearly 70% of DDoS Attacks in Q3

The Q3 Threat Report from Kaspersky shows DDoS Attacks are on the rise.

Kaspersky Labs released its Q3 Threat Report on Monday, and among the most interesting findings is the fact that Linux Botnets accounted for nearly 7 out of 10 DDoS attacks in the third quarter.

Overall, the number of DDoS attacks in China, the US, South Korea and Russia increased over Q2. Additionally, Australia experienced a surge in the number of attacks (over 450 per day) and the power of those attacks (15.8 million packets per second). Not surprisingly, the cost associated with defending against these attacks is also on the rise.

The format of attacks seems to be changing, too. Attackers are beginning to favor short, powerful “punctuated” attacks that can last for several hours or even a few days.

As for the industries targeted, that stays largely unchanged. Though there was an uptick in attacks on gaming services, the usual targets are all accounted for: finance, politics, entertainment, etc.

Cryptocurrencies coming under attack

One of the newest attack vectors relates to cryptocurrencies, specifically ICOs, or Initial Coin Offerings. An ICO is a form of crowdfunding used to launch a new cryptocurrency, and because ICOs are unregulated and commonplace, they are highly vulnerable.

Since blockchain technology allows transactions to be conducted safely, ICOs are quickly gaining in popularity. But there are risks as well: with the rapid growth and the increasing turnover of crypto-currencies, such platforms are subjected to cyberattacks, including DDoS attacks. The broad availability of the platform guarantees reliable and secure transactions, while DDoS attacks are aimed at breaking the operability of the service and thus discrediting it or, even worse, creating a smokescreen for more sophisticated types of attacks.

Key Takeaways

  • Resources in 98 different countries were attacked in the third quarter, up from 86 in Q2.
  • Around half of all attacks originated in China.
  • China, the US and South Korea were the leaders in terms of both quantity of attacks and targets.
  • The longest DDoS attack lasted 215 hours.
  • 99.6% of attacks lasted less than 50 hours.
  • There has been a considerable decline in attacks via TCP (11.2%, down from 28.2% in Q2).
  • The percentage of SYN Floods and HTTP attacks has increased since Q2.
  • Linux Botnets were responsible for 69.92% of attacks, up from 51.23% in Q2.
  • You are least likely to be attacked on a Monday (just 10.39% of attacks).



Patrick Nohe

Patrick started his career as a beat reporter and columnist for the Miami Herald before moving into the cybersecurity industry a few years ago. Patrick covers encryption, hashing, browser UI/UX and general cyber security in a way that’s relatable for everyone.