A large-scale Layer 7 DDoS flood attack (i.e., application level DDoS) has been pushing over 120,000 HTTPS requests per second (RPS) to the website. The attack was big enough to disable multiple web servers and quickly exhaust their available bandwidth. Attackers were making use of multiple botnets, including a CCTV-based botnet and home router botnet. Home routers made up 25% of the IP addresses, resulting in about 11,767 compromised routers. We were able to fingerprint the makeup of the home routers being used in the campaign.”]
Source: https://blog.sucuri.net/2016/09/iot-home-router-botnet-leveraged-in-large-ddos-attack.html