All news with #aisuru tag

Cloudflare Mitigates Record 29.7 Tbps DDoS by AISURU

🚨 Cloudflare reported it detected and mitigated a record 29.7 Tbps distributed denial-of-service attack attributed to the AISURU botnet. The UDP "carpet-bombing" assault, which randomized packet attributes and targeted an average of 15,000 destination ports per second, lasted 69 seconds. Cloudflare also mitigated a 14.1 Bpps event and said AISURU may comprise 1–4 million infected hosts, while blocking thousands of related hyper-volumetric attacks and noting significant quarterly increases in DDoS activity.

Aisuru botnet behind record 29.7 Tbps DDoS attack impact

⚠️ In three months the Aisuru botnet has been linked to more than 1,300 DDoS attacks, including a record peak of 29.7 Tbps in Q3 2025 that Cloudflare mitigated. The botnet, offered as a rental service, leverages an estimated 1–4 million compromised routers and IoT devices exploited via known vulnerabilities and weak credentials. The record incident lasted 69 seconds and used UDP carpet‑bombing across roughly 15,000 destination ports per second; Cloudflare reports a sharp rise in hyper‑volumetric attacks that can disrupt ISPs and critical services.

Cloudflare Q3 2025 DDoS Threat Report: Aisuru Peaks

📈 The 23rd edition of Cloudflare’s Quarterly DDoS Threat Report reviews Q3 2025 data and spotlights the unprecedented Aisuru botnet, estimated at 1–4 million infected hosts. Aisuru launched routine hyper-volumetric attacks exceeding 1 Tbps and 1 Bpps, peaking at 29.7 Tbps and 14.1 Bpps, while Cloudflare mitigated 8.3 million DDoS events in the quarter. Network-layer attacks dominated the mix, and the report warns that short, high-volume strikes often outpace manual defenses, underscoring the need for global, automated mitigation.

Aisuru Botnet Fires 15.72 Tbps DDoS at Microsoft Azure

⚠️ Microsoft reported that the Aisuru botnet launched a massive DDoS attack against a public Azure IP in Australia, peaking at 15.72 Tbps and nearly 3.64 billion packets per second. The traffic originated from over 500,000 IP addresses and consisted of extremely high-rate UDP floods with minimal source spoofing. Microsoft noted the bursts used random source ports, which aided traceback and provider enforcement. Azure's mitigations absorbed the attack without a reported widespread outage.

Cloudflare Removes Aisuru Botnet Domains from Rankings

🛡️ Cloudflare has begun redacting and hiding domains tied to the rapidly growing Aisuru botnet after those malicious hostnames repeatedly appeared atop its public domain rankings. The botnet — comprised of hundreds of thousands of compromised IoT devices — recently shifted from querying 8.8.8.8 to 1.1.1.1, flooding Cloudflare’s resolver and skewing popularity metrics. Cloudflare says attackers are likely both manipulating rankings and mounting attacks on its DNS service, and the company is refining its ranking algorithm while removing known malicious entries.

Aisuru Botnet Evolves from DDoS to Residential Proxies

🛡️ Aisuru, first identified in August 2024, has been retooled from launching record DDoS assaults to renting hundreds of thousands of compromised IoT devices as residential proxies. Researchers warn the change powers a massive proxy market that is being used to anonymize large-scale content scraping for AI training and other abuses. The botnet — roughly 700,000 devices strong — previously produced multi‑terabit attacks that disrupted ISPs and damaged router hardware. Industry and law enforcement are sharing blocklists and probing proxy reseller ecosystems tied to the infections.