Cloudflare announced on Wednesday that it has detected and stopped the largest distributed denial of service (DDoS) attack ever recorded.
The attack peaked at 29.7 terabits per second and lasted 69 seconds. The company said the traffic came from a botnet-for-hire called AISURU, which has been behind several extreme DDoS incidents over the past year. Cloudflare did not reveal the name of the targeted organization.
AISURU has repeatedly targeted telecommunication companies, gaming platforms, hosting providers and financial services.
Cloudflare said it also blocked another massive attack from the same botnet that reached 14.1 billion packets per second. Security researchers estimate that AISURU is powered by one to four million infected devices across the world.
According to Cloudflare, the record-breaking event was a UDP carpet bombing attack that hit around 15,000 ports per second. The attackers randomised packet properties to get past defences, but Cloudflare’s automated systems detected and neutralised the traffic.
Cloudflare has recorded 2,867 AISURU attacks since the beginning of 2025.
Out of these, 1,304 hyper volumetric attacks happened in the third quarter of this year alone. In total, the company blocked 8.3 million DDoS attacks during the same period. That number is 15 percent higher than the previous quarter and 40 percent higher than the same period last year.
So far in 2025, Cloudflare has mitigated 36.2 million DDoS attacks, and the year is not yet over. The company highlighted a rapid increase in network layer attacks, which now make up 71 percent of all recorded attacks.
Meanwhile, HTTP DDoS attacks declined in comparison.
The report also shows major changes in the global DDoS landscape. The number of attacks that went above 100 million packets per second jumped by 189 percent quarter over quarter. In addition, 1,304 attacks exceeded one terabit per second.
Cloudflare noted that most attacks last for less than 10 minutes, which leaves very little time for manual intervention and can still cause long service disruptions.
The list of attack sources is dominated by Asia. Indonesia has remained the world’s biggest source of DDoS attacks for an entire year, followed by other locations such as Thailand, Bangladesh, Vietnam, India, Hong Kong and Singapore. Ecuador, Russia and Ukraine make up the remaining top ten.
Several industries have seen major increases in targeting. Attacks against the mining, minerals and metals sector rose sharply and pushed it to the 49th most attacked industry worldwide. The automotive industry experienced the largest jump and is now the sixth most attacked.
DDoS attacks targeting artificial intelligence companies rose by 347 percent in September alone.
Across all sectors, information technology and services faced the most attacks. Telecommunications, gambling, gaming and internet services were also among the hardest hit.
The most attacked countries this year include China, Turkey, Germany, Brazil, the United States and Russia.
Cloudflare said the scale and sophistication of current DDoS activity marks a turning point for global cybersecurity.
The company warned that many organizations are struggling to keep up with attackers who now operate with far more power and speed than ever before.
