Aisuru Botnet Unleashes Record DDoS Surge

Cybersecurity experts reported a massive DDoS attack. The Aisuru botnet hit a new peak of 31.4 Tbps. It also reached 200 million requests per second.

The Record-Breaking Attack

Attackers launched the assault on December 19 last year. They targeted telecom companies and IT providers, and the campaign flooded Cloudflare customers and infrastructure. It earned the nickname “The Night Before Christmas.”

The attack combined hyper-volumetric HTTP floods and Layer 4 strikes. It set a new public record for size. However, most bursts lasted only one to two minutes. Cloudflare stopped them automatically without alerts.

Aisuru’s Growing Power

Aisuru previously held the record at 29.7 Tbps. Another strike reached 15.72 Tbps from 500,000 IPs. Now, this latest wave shows even greater scale. The botnet keeps evolving fast.

Compromised devices fuel its strength. Earlier attacks used IoT gadgets and routers. In this case, Android TVs formed the main source. Consequently, the botnet stays hard to trace and stop.

DDoS attacks surged 121% in 2025 compared to 2024. Cloudflare blocked 47.1 million incidents total. They handled over 5,300 attacks each hour on average. Network-layer attacks made up 73% of them. The final quarter jumped 31% from the prior three months. It rose 58% year-over-year. This upward trend continues without slowdown. Attackers clearly ramp up their efforts.

Most Targeted Sectors

Telecom providers faced the heaviest hits. IT services, gambling sites, and gaming firms followed close behind. These industries draw attackers seeking disruption. Attackers often aim to extort or damage rivals.

Bangladesh topped the list of attack sources. Ecuador and Indonesia ranked next. Argentina climbed to fourth place quickly. Meanwhile, Russia fell five spots to tenth.

Last year, China, Hong Kong, Germany, Brazil, and the US were the most targeted. These shifts show how botnets spread globally. Therefore, no region stays safe for long.

Rising Attack Intensity

Network-layer attacks over 100 million packets per second grew 600%. Attacks above 1 Tbps increased 65% quarter-over-quarter. Moreover, over 71.5% of HTTP floods came from known botnets. This makes mitigation both urgent and complex.

Prevention Strategies

Organizations can defend against these massive attacks effectively. First, deploy always-on traffic scrubbing and rate-limiting systems. These block floods before they reach core networks.

Moreover, use continuous monitoring to detect unusual spikes in requests or bandwidth early. Combine strong edge protection with regular botnet signature updates. These steps help absorb even record-sized DDoS waves without downtime or major impact.
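
Because most bursts last only one to two minutes, spike detection has to work on short sampling intervals. The sketch below is an added example, not code from Cloudflare or the original article: it flags a 90-second flood against a rolling median baseline and shows that a 15-minute average check misses the same event. All function names, thresholds and traffic samples are constructed assumptions.

```python
from collections import deque
from statistics import median

def detect_bursts(samples, interval_s=10, baseline_len=30, factor=8.0, min_rps=1000):
    """Return (start_s, end_s, peak_rps) for each burst in per-interval rps samples.

    A sample is anomalous when it exceeds factor x the median of recent normal
    samples. Anomalous samples never enter the baseline, so a flood cannot
    raise its own threshold.
    """
    baseline = deque(maxlen=baseline_len)
    bursts, current = [], None
    for i, rps in enumerate(samples):
        t = i * interval_s
        warm = len(baseline) >= 5          # need a few samples before judging
        if warm and rps > max(min_rps, factor * median(baseline)):
            if current is None:
                current = [t, t + interval_s, rps]
            else:
                current[1], current[2] = t + interval_s, max(current[2], rps)
        else:
            baseline.append(rps)
            if current is not None:
                bursts.append(tuple(current))
                current = None
    if current is not None:
        bursts.append(tuple(current))
    return bursts

def coarse_alerts(samples, interval_s=10, window_s=900, limit_rps=50_000):
    """Naive check for comparison: alert when a 15-minute average exceeds limit_rps."""
    n = window_s // interval_s
    return [i * interval_s for i in range(0, len(samples) - n + 1, n)
            if sum(samples[i:i + n]) / n > limit_rps]

def constructed_samples():
    """Constructed data: 30 min at ~2k rps with one 90-second flood at 400k rps."""
    s = [2000 + (i % 7) * 50 for i in range(180)]
    s[100:109] = [400_000] * 9
    return s

if __name__ == "__main__":
    data = constructed_samples()
    print("short-window bursts:", detect_bursts(data))
    print("15-minute average alerts:", coarse_alerts(data))
```

The same baseline logic applies to bandwidth or packets per second; only the sample unit and the floor value change.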
