Cloudflare announced that it successfully detected and neutralized the largest distributed denial-of-service (DDoS) attack ever recorded, which reached a staggering peak volume of 29.7 terabits per second (Tbps). This UDP carpet-bombing attack lasted for 69 seconds and sought to bypass defenses by randomizing various packet attributes. The malicious activity was traced back to AISURU, a prolific DDoS botnet-for-hire that has been responsible for a number of exceptionally high-volume DDoS incidents over the past year. Cloudflare did not disclose the specific entity that was targeted by this massive attack.
The AISURU botnet is known for extensively targeting sectors such as telecommunication providers, gaming companies, hosting providers, and financial services. It is believed to draw its immense power from a vast, global network composed of an estimated 1 to 4 million infected hosts. In addition to the record-setting 29.7 Tbps attack, Cloudflare also mitigated a separate, hyper-volumetric attack from the same botnet that measured 14.1 billion packets per second (Bpps). The sheer scale and volume of these threats highlight the increasing challenge organizations face in maintaining adequate cybersecurity defenses.
The security firm has actively mitigated 2,867 AISURU attacks since the beginning of the year. The third quarter of 2025 alone saw the botnet launch 1,304 hyper-volumetric attacks against Cloudflare’s customers. Overall, Cloudflare blocked a total of 8.3 million DDoS attacks during the entire time period. This figure represents a notable 15% increase compared to the previous quarter and a significant 40% jump when compared to the corresponding period last year, signaling a rapid escalation in the frequency of DDoS threats.
Throughout 2025, Cloudflare thwarted 36.2 million DDoS attacks. A key trend observed was the proliferation of high-magnitude network-layer attacks: 1,304 of these attacks exceeded 1 Tbps this year, up sharply from 717 in Q1 and 846 in Q2 of 2025. Other trends from Q3 2025 included a 189% increase quarter-over-quarter in attacks exceeding 100 million packets per second (Mpps). Furthermore, the majority of attacks—71% of HTTP DDoS and 89% of network-layer attacks—were short-lived, lasting less than 10 minutes. Geographically, seven of the top ten source locations for these attacks were found within Asia.
Key industries were significantly impacted by the surge in attacks. DDoS attack traffic against artificial intelligence (AI) companies saw a massive spike of 347% in September 2025. The automotive industry experienced the largest increase overall, becoming the sixth most attacked sector globally, while the mining, minerals, and metals industry also saw a notable surge. The information technology, telecommunications, gambling, gaming, and internet services sectors remain the most frequently targeted. With nearly 70% of HTTP DDoS attacks originating from known botnets, Cloudflare notes that the industry has entered an era where DDoS attacks have rapidly grown in both sophistication and size.
Reference:
