Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts

Record 29.7 Tbps DDoS Attack Linked to AISURU Botnet with up to 4 Million Infected Hosts

Cloudflare mitigated a 29.7 Tbps DDoS attack, the largest ever recorded, originating from the AISURU botnet. The attack lasted 69 seconds and utilized UDP flooding across 15,000 ports per second.

Why This Matters

The technical reality of DDoS defense contrasts sharply with ideal models: while mitigation systems can block traffic, the scale and sophistication of attacks like AISURU’s 29.7 Tbps assault expose gaps in infrastructure resilience. The cost of downtime for targeted sectors—such as finance or telecom—can exceed $1.6 million per hour, per Ponemon Institute data. Cloudflare’s mitigation of 2,867 AISURU attacks since 2025 highlights the growing strain on global networks.

Key Insights

• “29.7 Tbps DDoS attack, 2025”: Cloudflare’s mitigation of the largest recorded attack, per The Hacker News.
• “UDP carpet-bombing with randomized packets”: Attack method designed to evade detection, as detailed by Cloudflare engineers.
• “AISURU botnet with 1–4 million infected hosts”: Scale of the botnet powering hyper-volumetric attacks, per The Hacker News.

Practical Applications

• Use Case: Cloudflare’s mitigation strategies for UDP-based DDoS attacks targeting telecom and financial sectors.
• Pitfall: Underestimating botnet size leads to insufficient scrubbing capacity, risking service outages during hyper-volumetric attacks.

References:

• https://thehackernews.com/2025/12/record-297-tbps-ddos-attack-linked-to.html