Cloudflare announced that it had detected and stopped the 29.7-terabit-per-second (Tbps) distributed denial-of-service (DDoS) attack, which was the biggest one ever.
According to the web infrastructure and security company, the activity originated from a DDoS botnet-for-hire known as AISURU. It has been linked to several hyper-volumetric DDoS attacks over the past year. The attack lasted for 69 seconds. However, it did not reveal the target of the attack.
The botnet has prominently targeted telecommunication providers, gaming companies, hosting providers, and financial services. Additionally, Cloudflare successfully mitigated a 14.1 Bpps DDoS attack from the same botnet.
AISURU botnet breaks the DDoS record
AISURU is believed to be powered by a massive network comprising an estimated 1-4 million infected hosts worldwide. In all, CloudFlare has mitigated 2,867 Aisuru attacks since the start of the year, out of which 1,304 hyper-volumetric attacks were launched from the botnet in the third quarter of 2025 alone.
A total of 8.3 million DDoS attacks were blocked during the entire time period. This figure represents a 15% increase from the previous quarter and a 40% jump from last year. In 2025, 36.2 million DDoS attacks were thwarted, including 1,304 network-layer attacks exceeding 1 Tbps, up from 717 in Q1 2025 and 846 in Q2 2025.
According to Cloudflare, Aisuru’s actions have already caused problems in the US, even though ISPs were not the original target. Even important services like emergency services and healthcare could be disrupted indirectly when botnet traffic fills up backbone cables.
Aisuru-driven attacks can happen in a lot of different industries. Telecommunications is the most affected sector in the US, but other countries have seen different sectors hurt the worst. Gaming in Germany, banking in Austria, retail in Canada and France, and cybersecurity companies in the UK are all mentioned in the investigation. The botnet attacks are set up to hit the most important industries in each area.
Cloudflare did, however, experience an internal self-inflicted denial-of-service event last month. As reported by Cryptopolitan, the issue was caused by a faulty dashboard update that overloaded its own systems, resulting in widespread outages until the faulty code was corrected.
DDoS attacks rose 31,900% in 4 years
DDoS attacks that target AI companies have surged by 347% month-over-month in Q3. This has been driven by rising public scrutiny and government investigations into the regulation of generative AI in the UK and EU.
A report revealed a 31,900% increase in HTTP DDoS traffic originating from Indonesia over a four-year period. Indonesia has maintained its position as the number 1 global source of DDoS attacks for over a year, reflecting both the country’s growing footprint in the IoT device ecosystem and the challenges of securing consumer-grade hardware.
Meanwhile, traditional methods of stopping DDoS attacks are no longer effective because the attacks are becoming larger and faster. Many systems that use scrubbing centers lack the ingress capability to detect attacks that exceed 20 Tbps, let alone stop them.
Cloudflare stopped an average of 3,780 DDoS attacks an hour in Q3 2025. Of these, 71% were network-layer attacks that ended in less than 10 minutes, which is too fast for manual reaction or on-demand activation.
According to experts, in addition to on-premise appliances or scrubbing centers with limited bandwidth, businesses should use always-on, globally distributed mitigation systems that can automatically respond at the terabit scale.
If you're reading this, you’re already ahead. Stay there with our newsletter.
