Cloudflare reported on Wednesday that it successfully detected and mitigated the largest recorded distributed denial-of-service (DDoS) attack to date, reaching 29.7 terabits per second (Tbps). The attack originated from the AISURU botnet-for-hire, which has been tied to multiple hyper-volumetric DDoS campaigns over the past year. The assault lasted 69 seconds, though Cloudflare did not disclose the intended target.
AISURU has primarily focused on telecommunication firms, gaming companies, hosting providers, and financial services. Cloudflare also mitigated a 14.1 Bpps DDoS attack attributed to the same botnet. Analysts estimate the botnet is powered by 1–4 million infected devices globally.
“The 29.7 Tbps attack was a UDP carpet-bombing operation, striking an average of 15,000 destination ports per second,” said Cloudflare researchers Omer Yoachimik and Jorge Pacheco. “The attack randomized multiple packet attributes to bypass defensive measures.”
Since the start of 2025, Cloudflare has mitigated 2,867 AISURU attacks, including 1,304 hyper-volumetric incidents in Q3 alone. In total, 8.3 million DDoS attacks were blocked during this period, marking a 15% increase from the previous quarter and a 40% rise from last year.
In 2025, 36.2 million DDoS attacks were thwarted globally, including 1,304 network-layer assaults exceeding 1 Tbps, up from 717 in Q1 and 846 in Q2. Key trends from Q3 2025 include:
- DDoS attacks exceeding 100 million packets per second (Mpps) grew by 189% quarter-on-quarter.
- Most incidents, 71% of HTTP DDoS and 89% of network-layer attacks, lasted less than 10 minutes.
- Seven of the top ten DDoS sources were in Asia, including Indonesia, Thailand, Bangladesh, Vietnam, India, Hong Kong, and Singapore. Ecuador, Russia, and Ukraine completed the list.
- The mining, minerals, and metals sector saw a surge, ranking 49th in most-targeted industries.
- Automotive DDoS attacks increased sharply, making it the sixth most attacked sector.
- AI companies faced a 347% spike in attack traffic in September 2025.
- Information technology, telecommunications, gaming, gambling, and internet services were the most targeted sectors.
- The countries most affected included China, Turkey, Germany, Brazil, the U.S., Russia, Vietnam, Canada, South Korea, and the Philippines.
- Nearly 70% of HTTP DDoS attacks originated from known botnets.
Cloudflare emphasized, “We are in an era where DDoS attacks have become larger and more sophisticated than ever. Organizations worldwide continue to face challenges keeping pace with this rapidly evolving threat landscape.”
Found this article interesting? Follow us on Twitter , Facebook, Blue sky and LinkedIn to read more exclusive content we post.
