Microsoft Mitigated the Largest Cloud DDoS Ever Recorded, 15.7 Tbps (securityaffairs.com)
- Reference: 0180111159
- News link: https://it.slashdot.org/story/25/11/17/2121230/microsoft-mitigated-the-largest-cloud-ddos-ever-recorded-157-tbps
- Source link: https://securityaffairs.com/184749/cyber-crime/microsoft-mitigated-the-largest-cloud-ddos-ever-recorded-15-7-tbps.html
> On October 24, 2025, Azure DDoS Protection detected and mitigated a massive multi-vector attack [1] peaking at 15.72 Tbps and 3.64 billion pps, the largest cloud DDoS ever recorded, aimed at a single Australian endpoint. Azure's global protection network filtered the traffic, keeping services online. The attack came from the Aisuru botnet, a Turbo Mirai-class IoT botnet using compromised home routers and cameras.
>
> The attack used massive UDP floods from more than 500,000 IPs hitting a single public address, with little spoofing and random source ports that made traceback easier. It highlights how attackers are scaling with the internet: faster home fiber and increasingly powerful IoT devices keep pushing DDoS attack sizes higher.
"On October 24, 2025, Azure DDOS Protection automatically detected and mitigated a multi-vector DDoS attack measuring 15.72 Tbps and nearly 3.64 billion packets per second (pps). This was the largest DDoS attack ever observed in the cloud and it targeted a single endpoint in Australia," reads [2] a report published by Microsoft. "The attack originated from Aisuru botnet."
"Attackers are scaling with the internet itself. As fiber-to-the-home speeds rise and IoT devices get more powerful, the baseline for attack size keeps climbing," concludes the post. "As we approach the upcoming holiday season, it is essential to confirm that all internet-facing applications and workloads are adequately protected against DDOS attacks."
[1] https://securityaffairs.com/184749/cyber-crime/microsoft-mitigated-the-largest-cloud-ddos-ever-recorded-15-7-tbps.html
[2] https://techcommunity.microsoft.com/blog/azureinfrastructureblog/defending-the-cloud-azure-neutralized-a-record-breaking-15-tbps-ddos-attack/4470422
Re: (Score:2)
Likely a lot more of the traffic is coming from smart TVs, vacuum cleaners, irrigation systems and the like.
Re: (Score:2)
The article: "The attack came from the Aisuru botnet, a Turbo Mirai-class IoT botnet using compromised home routers and cameras."
You: wAS iT FrOM WinDOESs PCEEZ?!??
Not sure what we'd do at that scale (Score:2)
We have direct peerings for services like voice, and IX'es for the big data providers. But at that scale I think it'd flatten at least one of our gateway providers, even with wire-speed ACLs and big routing hardware.
I'd be very curious what Microsoft did.
Holiday Season (Score:2)
> "Attackers are scaling with the internet itself. As fiber-to-the-home speeds rise and IoT devices get more powerful, the baseline for attack size keeps climbing," concludes the post. "As we approach the upcoming holiday season, it is essential to confirm that all internet-facing applications and workloads are adequately protected against DDOS attacks."
What does the holiday season have to do with anything? Are more DDOS operators at home for the holidays with excess time, hacking from mommie's basement?
Re: (Score:2)
They're looking at the upcoming effect on buying for the Christmas season. If Walmart's credit card processor gets DDOS'd at that scale they'd better be hosted on AWS or Azure, because Bank Of America's network sure as hell won't be able to deal with it. Amazon will be all right, but Pinconning Cheese's online store would be blown out of the water.
Too bad (Score:2)
It's too bad the Internet was never designed with a reset button.