Cloudflare's 2025 Q3 DDoS threat report -- including Aisuru, the apex of botnets (blog.cloudflare.com)
from Zerush@lemmy.ml to security@lemmy.ml on 04 Dec 13:12
https://lemmy.ml/post/39854012

Record-Breaking DDoS Attacks Mark 2025 Q3 as Aisuru Botnet Emerges

The Aisuru botnet dominated the DDoS threat landscape in Q3 2025, commanding an army of 1-4 million infected devices and launching unprecedented attacks that peaked at 29.7 Tbps and 14.1 billion packets per second[^1]. Cloudflare’s autonomous systems blocked 8.3 million DDoS attacks during the quarter, averaging 3,780 attacks per hour - a 15% increase from Q2 and 40% year-over-year[^1].

The Rise of Aisuru

The botnet targeted telecommunications providers, gaming companies, hosting providers, and financial services, causing widespread Internet disruption even when organizations weren’t direct targets[^1]. Parts of Aisuru are now offered as botnets-for-hire, enabling attackers to “inflict chaos on entire nations” for just hundreds to thousands of dollars[^1].

Attack Statistics

Industry Impacts

DDoS attacks against AI companies surged 347% month-over-month in September 2025, coinciding with increased public concern over AI risks[^1]. The Mining, Minerals & Metals industry jumped 24 spots in target rankings amid EU-China tensions over rare earth minerals and EV tariffs[^1].

Geographic Trends

Indonesia maintained its position as the leading source of DDoS attacks globally, holding the top spot for a full year. The country’s share of HTTP DDoS attack traffic has grown by 31,900% since 2021[^1].

Attack Types

UDP floods led network-layer attacks with a 231% quarterly increase, followed by DNS floods, SYN floods, and ICMP floods[^1]. Nearly 70% of HTTP DDoS attacks came from known botnets, with 20% originating from fake or headless browsers[^1].

[^1]: Cloudflare - Cloudflare’s 2025 Q3 DDoS threat report [^15]: Security Affairs - Cloudflare mitigates record 29.7 Tbps DDoS attack by the AISURU botnet

#security

threaded - newest