Cloudflare Mitigates Record-Breaking 29.7 Tbps DDoS Attack Linked to AISURU Botnet

On December 4, 2025, Cloudflare successfully detected and mitigated a distributed denial-of-service (DDoS) attack that peaked at 29.7 terabits per second (Tbps), marking the largest DDoS attack ever recorded. The attack lasted for 69 seconds and was attributed to the AISURU botnet, a DDoS-for-hire service that has been active for at least one year. According to reports, the AISURU botnet comprises up to 4 million infected hosts and has been associated with several recent hyper-volumetric DDoS attacks. This unprecedented attack underscores the evolving threat landscape of DDoS attacks, which continue to grow in scale and sophistication. The sheer volume of traffic—29.7 Tbps—highlights the massive computational resources at the disposal of threat actors. The brief duration of the attack (69 seconds) is notable, though the specific objectives or impacts of this particular incident remain undisclosed. From a technical standpoint, the use of a DDoS-for-hire service like AISURU demonstrates the commoditization of DDoS attacks, making large-scale attacks accessible to a broader range of threat actors, regardless of their technical expertise. The involvement of up to 4 million infected hosts suggests a significant botnet infrastructure, potentially comprising IoT devices, servers, and other internet-connected systems. The successful mitigation of this attack by Cloudflare underscores the importance of robust DDoS protection mechanisms, including anycast networking, rate limiting, and advanced traffic filtering. For cybersecurity professionals, this incident serves as a reminder of the critical need for proactive DDoS mitigation strategies. Organizations should ensure they have scalable and resilient DDoS protection measures in place, including real-time traffic monitoring, automated response systems, and collaboration with DDoS mitigation service providers. It is also crucial to recognize the role of botnets in modern DDoS attacks. The AISURU botnet's alleged size and activity highlight the importance of botnet detection and disruption efforts. Cybersecurity professionals should prioritize identifying and mitigating botnet infections within their networks and stay informed about emerging botnet threats. In conclusion, the record-breaking 29.7 Tbps DDoS attack linked to the AISURU botnet underscores the ongoing evolution of DDoS threats. While Cloudflare's successful mitigation demonstrates the effectiveness of advanced DDoS protection measures, the incident serves as a stark reminder of the need for constant vigilance and proactive defense strategies in the face of increasingly powerful and accessible DDoS attacks.