About AISURU botnet and new DDoS record

Source: fastnetmon.com

A new world-record DDoS attack has been confirmed, peaking at 29.7 terabits per second (Tbps) and launched by the Aisuru botnet, a large DDoS-for-hire network using an estimated one to four million compromised routers and IoT devices worldwide.

The attack lasted 69 seconds and was mitigated by Cloudflare, fending off a stream of randomised junk traffic targeting an average of 15,000 destination ports per second. The intended target was not disclosed.

This is certainly not the first time Aisuru has been associated with extreme volumetric traffic. A few months ago, we reported on a suspected 29.69 Tbps gaming outage. While unconfirmed, it demonstrated that operators were already facing attack magnitudes close to today’s validated record. We also recently analysed an Aisuru-related 15.2 Tbps attack on Microsoft Azure, highlighting that the botnet’s reach and accessibility are changing the logistics of offensive traffic across the entire industry.

Why DDoS attacks peak toward the end of the year
The timing aligns with a predictable and recurring trend. DDoS activity often escalates in Q4, coinciding with peak traffic periods such as retail holidays, gaming spikes, seasonal online events and end-of-year commercial load. These conditions increase the value and impact of disruption. As more botnet capacity becomes available through commercialised leasing models, attackers simply rent the bandwidth they need for the period of highest leverage.

Collateral damage and outbound DDoS risks
One of the emerging concerns highlighted in this record attack is that collateral disruption can occur even when an organisation is not the intended target. When volumetric attacks exceed local infrastructure limits or propagate through upstream carriers, they can affect networks along the path, including internet service providers, cloud environments and peering partners.

We have previously written extensively about outbound DDoS, where compromised assets inside a network unknowingly contribute to attacks. Even if a business believes it is not at risk due to its smaller profile or limited public-facing footprint, it may still be used as part of someone else’s DDoS campaign. The risks are not only external disruption but also reputational damage, blacklisting, traffic throttling and loss of carrier trust. Additionally, high-capacity botnets such as Aisuru amplify this concern, as the sheer volume of junk traffic is growing beyond what some ISPs can handle.
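
One way to spot the outbound case described above in flow data, as an added example that is not from the original article or any vendor's product: it flags internal hosts that, within one second, send high-volume traffic to a single external address across many destination ports, the pattern the record attack showed. The internal range, both thresholds and the flow-tuple layout are assumptions, and the flow records are constructed.

```python
import ipaddress
from collections import defaultdict

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # assumption: monitored range

def outbound_flood_suspects(flows, internal_net=INTERNAL_NET,
                            min_ports=100, min_bits=50_000_000):
    """Map each internal source to its worst second as
    (dst, second, distinct_dst_ports, bits), when in that second it hit one
    external destination on >= min_ports ports with >= min_bits sent.
    Both thresholds are illustrative assumptions, not values from the article."""
    ports = defaultdict(set)  # (second, src, dst) -> distinct destination ports
    bits = defaultdict(int)   # (second, src, dst) -> bits sent
    for ts, src, dst, dport, nbytes in flows:
        # Outbound only: internal source, external destination.
        if (ipaddress.ip_address(src) not in internal_net
                or ipaddress.ip_address(dst) in internal_net):
            continue
        key = (int(ts), src, dst)
        ports[key].add(dport)
        bits[key] += nbytes * 8
    suspects = {}
    for (second, src, dst), seen in ports.items():
        volume = bits[(second, src, dst)]
        if len(seen) < min_ports or volume < min_bits:
            continue
        if src not in suspects or volume > suspects[src][3]:
            suspects[src] = (dst, second, len(seen), volume)
    return suspects

def sample_flows():
    """Constructed records: (timestamp, src, dst, dst_port, bytes)."""
    flows = []
    for i in range(400):
        t = 1000.0 + i / 1000
        # Compromised device: many ports, high volume, one external target.
        flows.append((t, "10.1.2.3", "203.0.113.9", 1024 + i * 37, 20_000))
        # Busy but ordinary client: high volume, a single port.
        flows.append((t, "10.1.2.4", "198.51.100.7", 443, 20_000))
        # Many ports but negligible volume: below the bandwidth threshold.
        flows.append((t, "10.1.2.5", "198.51.100.8", 1 + i, 60))
        # Inbound traffic is ignored by the outbound filter.
        flows.append((t, "192.0.2.50", "10.1.2.6", 2000 + i, 20_000))
    return flows

if __name__ == "__main__":
    for src, hit in outbound_flood_suspects(sample_flows()).items():
        print(src, hit)
```

Requiring both port spread and volume keeps a busy single-port client and a low-rate port sweep out of the result; only the host combining the two is reported.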

This article is for educational purposes only