Cloudflare on Wednesday said it detected and mitigated the largest ever distributed denial-of-service (DDoS) attack that measured at 29.7 terabits per second (Tbps).
The activity, the web infrastructure and security company said, originated from a DDoS botnet-for-hire known as AISURU, which has been linked to a number of hyper-volumetric DDoS attacks over the past year. The attack lasted for 69 seconds. It did not disclose the target of the attack.
The botnet has prominently targeted telecommunication providers, gaming companies, hosting providers, and financial services. Also tackled by Cloudflare was a 14.1 Bpps DDoS attack from the same botnet. AISURU is believed to be powered by a massive network comprising an estimated 1-4 million infected hosts worldwide.
“The 29.7 Tbps was a UDP carpet-bombing attack bombarding an average of 15,000 destination ports per second,” Omer Yoachimik and Jorge Pacheco said. “The distributed attack randomized various packet attributes in an attempt to evade defenses.”
In all, Cloudflare has mitigated 2,867 Aisuru attacks since the start of the year, out of which 1,304 hyper-volumetric attacks were launched from the botnet in the third quarter of 2025 alone. A total of 8.3 million DDoS attacks were blocked during the entire time period, a figure that represents a 15% increase from the previous quarter and a 40% jump from last year.
As many as 36.2 million DDoS attacks were thwarted in 2025, of which 1,304 were network-layer attacks exceeding 1 Tbps, up from 717 in Q1 2025 and 846 in Q2 2025. Some of the other notable trends observed in Q3 2025 are listed below –
- The number of DDoS attacks that exceeded 100 million packets per second (Mpps) increased by 189% QoQ.
- Most attacks, 71% of HTTP DDoS and 89% of network layer, lasted less than 10 minutes.
- Seven out of the 10 top sources of DDoS were locations within Asia, including Indonesia, Thailand, Bangladesh, Vietnam, India, Hong Kong, and Singapore. The other three sources are Ecuador, Russia, and Ukraine.
- DDoS attacks against the mining, minerals, and metals industry surged, making it the 49th most attacked sector globally.
- The automotive industry saw the largest increase in DDoS attacks, placing it as the sixth most attacked sector globally.
- DDoS attack traffic against artificial intelligence (AI) companies spiked by 347% in September 2025
- Information technology, telecommunications, gambling, gaming, and internet services topped the list of most attacked sectors.
- China, Turkey, Germany, Brazil, the U.S., Russia, Vietnam, Canada, South Korea, and the Philippines were the most attacked countries.
- Nearly 70% of HTTP DDoS attacks originated from known botnets.
“We’ve entered an era where DDoS attacks have rapidly grown in sophistication and size — beyond anything we could’ve imagined a few years ago,” Cloudflare said. “Many organizations have faced challenges in keeping pace with this evolving threat landscape.”
