The Aisuru botnet has become one of the most powerful and dangerous forces on the internet, launching more than 1,300 distributed denial-of-service attacks in just three months.
One of these attacks reached an unprecedented peak of 29.7 terabits per second, setting a new global record. Cloudflare, the company that mitigated the attack, says the botnet is made up of between one and four million compromised routers and IoT devices around the world.
Aisuru operates as a botnet for hire, allowing cybercriminals to rent sections of its large network to carry out DDoS attacks. The devices powering the botnet are infected through known security flaws or weak, brute-forced passwords.
Cloudflare reports that the record-breaking attack happened in the third quarter of 2025 and lasted 69 seconds. It used UDP carpet bombing, which floods thousands of ports per second with junk traffic. While Cloudflare did not name the target, the company says the attack was severe enough that it could have disrupted internet service providers even if they were not the intended victims.
This is not the first time Aisuru has pushed the limits of DDoS power. A previous attack measured at 22.2 Tbps, also mitigated by Cloudflare, was linked to the botnet. Microsoft recently revealed that Azure was hit by a 15 Tbps attack coming from 500,000 Aisuru-controlled IP addresses.
Since the beginning of the year, Cloudflare has mitigated 2,867 Aisuru attacks, with nearly 45% classified as hyper volumetric — attacks that exceed 1 Tbps or one billion packets per second. Another recent incident reached 14.1 billion packets per second.
Researchers say these massive attacks are becoming more common. In Q3 alone, Cloudflare recorded 1,304 hyper volumetric incidents linked to Aisuru, targeting sectors such as gaming, hosting providers, telecommunications, and financial services. DDoS attacks exceeding 100 million packets per second jumped 189% quarter over quarter, and those passing 1 Tbps surged 227%.
Most Aisuru attacks last less than 10 minutes, giving defenders little time to react. Cloudflare warns that even short disruptions can cause significant damage, and recovery often takes much longer as teams work to restore systems and ensure data integrity.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
While Q3 did not surpass the total number of attacks seen in Q1, 2025 is already shaping up to be one of the most extreme years on record for DDoS activity. Cloudflare says it mitigated an average of 3,780 attacks per hour during the quarter, with most originating from Indonesia, Thailand, Bangladesh, and Ecuador and targeting China, Turkey, Germany, Brazil, and the US.
