Cloudflare announced the mitigation of a record-breaking Distributed Denial of Service (DDoS) attack that peaked at 29.7 Terabits per second (Tbps). The security firm identified the AISURU botnet as the source of the attack, which occurred in March 2024.

The event was disclosed by Cloudflare researcher Omer Yoachimik, highlighting the scale and power of modern botnet-driven threats. The attack was successfully neutralized by the company’s automated defense systems.

Details of the Record-Breaking Attack

The 29.7 Tbps attack represents a new high-water mark for DDoS traffic volume, surpassing the previous record of 26 Tbps that was mitigated by Google in 2022. The assault was a multi-vector attack with the primary component being a massive TCP SYN flood.

Cloudflare’s automated DDoS protection systems were responsible for detecting and successfully blocking the malicious traffic. The attack campaign persisted for several hours before being fully neutralized, testing the resilience of the network’s defenses.

The AISURU Botnet Explained

The AISURU botnet is a powerful and extensive network of compromised devices responsible for launching the massive attack. This botnet is comprised of a large number of Internet of Things (IoT) devices that have been infected and brought under the control of the attackers.

These compromised endpoints include common hardware such as routers, security cameras, and various smart home appliances. The botnet leverages the collective bandwidth of these devices to generate overwhelming volumes of attack traffic directed at its targets.

Source: https://securityaffairs.com/185299/security/cloudflare-mitigates-record-29-7-tbps-ddos-attack-by-the-aisuru-botnet.html