18 August 2021

[...]

At the time of writing, the website is still receiving application layer web floods against the specific URL: https://www.karapatan.org/resources where the organization disseminates its human rights reports.

This is a breakdown of the attack infrastructure used to launch billion of malicious web requests.

The attack traffic is generated by:

• servers running a modified version of CC-attack: Challenge Collapsar python code (%cc-attack)
• headless chromium browsers (%headless)

and then proxied via 30.000 bots [...]

[...]

The geographical distribution of the bots that flood the website is global but four countries account for almost half of the bots: Russia, Ukraine, Indonesia and China.