Unprecedented 29.7 Tbps DDoS Attack Linked to AISURU Botnet
In a significant escalation of cyber threats, Cloudflare has successfully mitigated the largest distributed denial-of-service (DDoS) attack recorded to date, peaking at 29.7 terabits per second (Tbps). This massive assault, which lasted 69 seconds, was orchestrated by the AISURU botnet, a formidable network comprising an estimated 1 to 4 million infected devices worldwide.
The AISURU botnet has been implicated in numerous hyper-volumetric DDoS attacks over the past year, primarily targeting sectors such as telecommunications, gaming, hosting services, and financial institutions. Notably, Cloudflare also thwarted a 14.1 billion packets per second (Bpps) DDoS attack from the same botnet.
The recent 29.7 Tbps attack employed a UDP carpet-bombing technique, inundating an average of 15,000 destination ports per second. By randomizing various packet attributes, the attackers aimed to circumvent traditional defense mechanisms. This method underscores the evolving sophistication of DDoS strategies, which now combine high-volume traffic with evasion tactics to maximize disruption.
Throughout 2025, Cloudflare has mitigated 2,867 attacks attributed to AISURU, with 1,304 hyper-volumetric incidents occurring in the third quarter alone. In total, the company blocked 8.3 million DDoS attacks during this period, marking a 15% increase from the previous quarter and a 40% rise compared to the same timeframe last year.
The broader landscape of DDoS activity in 2025 reveals alarming trends:
– A total of 36.2 million DDoS attacks were thwarted, with 1,304 network-layer attacks exceeding 1 Tbps.
– The number of DDoS attacks surpassing 100 million packets per second (Mpps) increased by 189% quarter-over-quarter.
– A significant majority of attacks were brief, with 71% of HTTP DDoS and 89% of network-layer attacks lasting less than 10 minutes.
– The primary sources of DDoS attacks were predominantly in Asia, including Indonesia, Thailand, Bangladesh, Vietnam, India, Hong Kong, and Singapore, along with Ecuador, Russia, and Ukraine.
– Industries such as mining, minerals, and metals experienced a surge in attacks, elevating them to the 49th most targeted sector globally.
– The automotive industry saw the largest increase in DDoS attacks, ranking as the sixth most targeted sector worldwide.
– Artificial intelligence companies faced a 347% spike in DDoS attack traffic in September 2025.
– The most attacked sectors included information technology, telecommunications, gambling, gaming, and internet services.
– The top ten most attacked countries were China, Turkey, Germany, Brazil, the U.S., Russia, Vietnam, Canada, South Korea, and the Philippines.
– Nearly 70% of HTTP DDoS attacks originated from known botnets.
These developments highlight the escalating scale and complexity of DDoS attacks, posing significant challenges for organizations striving to maintain robust cybersecurity defenses. The AISURU botnet’s capacity to mobilize millions of devices for coordinated attacks exemplifies the critical need for advanced mitigation strategies and proactive security measures.
Cloudflare’s successful defense against this unprecedented attack underscores the importance of continuous innovation in cybersecurity practices. As DDoS attacks grow in sophistication and volume, organizations must remain vigilant, adopting comprehensive security frameworks to protect against such pervasive threats.
