News: 0179521186

  ARM Give a man a fire and he's warm for a day, but set fire to him and he's warm for the rest of his life (Terry Pratchett, Jingo)

Record-Breaking DDoS Attack Peaks At 22 Tbps and 10 Bpps

(Wednesday September 24, 2025 @11:30PM (BeauHD) from the internet-of-targets dept.)


Cloudflare blocked the largest-ever DDoS attack against a European network infrastructure company, which [1]peaked at 22.2 Tbps and 10.6 Bpps . The hyper-volumetric attack has been linked to the Aisuru botnet and lasted just 40 seconds, but was double the size of the [2]previous record . SecurityWeek reports:

> Cloudflare told SecurityWeek that the attack was aimed at a single IP address of an unnamed European network infrastructure company. Cloudflare has yet to determine who was behind the attack, but believes it may have been powered by the Aisuru botnet, which was also linked earlier this year to a massive 6.3 Tbps attack on the website of cybersecurity blogger Brian Krebs. Aisuru has been around for more than a year. The botnet is powered by hacked IoT devices such as routers and DVRs that have been compromised through the exploitation of known and zero-day vulnerabilities.

>

> According to Cloudflare, the 22 Tbps attack was traced to over 404,000 unique source IPs across over 14 ASNs worldwide. "Based on internal analysis using a proprietary system, the source IPs were not spoofed," the company explained. The security firm described it as a UDP carpet bomb attack targeting an average of 31,000 destination ports per second, with a peak of 47k ports, all of a single IP address. Cloudflare revealed in July that the number of DDoS attacks it blocked in the first half of 2025 had already exceeded all the attacks mitigated in 2024.



[1] https://www.securityweek.com/record-breaking-ddos-attack-peaks-at-22-tbps-and-10-bpps/

[2] https://tech.slashdot.org/story/25/09/03/1958250/cloudflare-stops-new-worlds-largest-ddos-attack-over-labor-day-weekend


Yikes! (Score:3)

by zurkeyon ( 1546501 )

It takes a serious amount of bot controlled metal to do such a thing. Between this and the Sim Bot farms they are starting to find... Stuff is about to get real. (Grabs popcorn)

Re: (Score:2)

by RitchCraft ( 6454710 )

Shazam!

Re: (Score:2)

by Uldis Segliņš ( 4468089 )

How exactly would Rust solve default, unchangeable passwords and hidden backdoors?

Re: These kinds of things (Score:2)

by Al_Lapalme ( 698542 )

I'm pretty sure (or at least hope) that the parent was being satirical. There is a constant push from rust fans to rewrite everything in rust and the parent's post sounded like a mockery of that.

I'm not worried (Score:2)

by PPH ( 736903 )

My site is hosted on a [1]pretty fast [postimg.cc] connection.

[1] https://i.postimg.cc/k4mSkr3c/Internet-Speed.jpg

IoT (Score:5, Funny)

by RitchCraft ( 6454710 )

The gift that keeps on giving.

According to Cloudflare, Cloudflare is necessary (Score:2)

by ihadafivedigituid ( 8391795 )

Having dealt with their sales department, I don't trust anything they say.

stop feeding the trolls (Score:3)

by v1 ( 525388 )

1. you're boosting their ego

2. you're adding to their portfolio they show their customers

This short attack was almost certainly not intended to cause problems, it was intended to advertise their services and show off their capabilities.

Stop feeding the trolls. I get it, I KNOW, it gets clicks , but please just STOP.

Look for the motivation (Score:2)

by Uldis Segliņš ( 4468089 )

Who has Brian Krebs's security research offended the most? I could bet that is some dictatorship. Or less likely a wannabe dictatorship. Doubt so large scale offensive campaigns are offered on the DDOS market, but who knows, money does wonders.

Being frustrated is disagreeable, but the real disasters in life begin
when you get what you want.