A large number of Chinese smartphones were used as unwilling participants in a huge DDoS attack, briefly overwhelming an unnamed web server, according to Cloudflare. The attack saw over 4.5 billion separate data requests in a single day. The attack used a browser-based HTTP flood, which is something that has been done before at small scales but never with this many hits. The requests came almost universally from China and mostly from mobile devices, with app-specific user agents.
After this is where the evidence ends, and Cloudflare must speculate as to how that happened. They believe it was done using ad networks that sell ads via auction to display inside mobile apps. This would explain the very high number of requests coming very quickly, peaking at 275,000 HTTP requests per second, as well as the fact that real browsers were used in the attack with no TCP or code injection, like the one the Chinese Great Cannon uses.
This presents a grave new threat to the internet, Cloudflare claims, as smaller website operators have no real defense against these kind of high-level DDoS attacks.