Aisuru Botnet Sets New Record with 31.4 Tbps DDoS Attack

The 31.4 Tbps assault by the Aisuru botnet marks a watershed moment for cyber‑threat actors, demonstrating that compromised consumer hardware can generate traffic volumes once thought exclusive to nation‑state operations. By exploiting vulnerable IoT devices and Android televisions, the botnet assembled a distributed arsenal capable of overwhelming even well‑architected edge networks. This hyper‑volumetric approach, combining Layer 4 floods with HTTP‑level request spikes, forces defenders to rethink capacity planning beyond traditional bandwidth thresholds.

Cloudflare’s automatic mitigation of the incident illustrates how modern security platforms are evolving to absorb massive surges without manual intervention. The firm’s Q4 2025 DDoS Threat Report reveals a 121% increase in attack frequency year‑over‑year, with 47.1 million incidents and a 31% quarter‑over‑quarter rise. Telecom carriers, IT service firms, and gaming operators top the target list, reflecting the high‑value nature of connectivity‑dependent businesses. Geographic analysis shows Bangladesh, Ecuador and Indonesia as primary sources, indicating a shift toward regions with lax IoT security standards.

Looking ahead, enterprises must adopt multi‑layered DDoS strategies that blend scrubbing‑center capacity, intelligent traffic profiling, and real‑time anomaly detection. Investment in edge‑located mitigation services can reduce latency while dispersing attack traffic across a broader surface. Policymakers should also encourage stricter firmware update mandates for consumer devices to shrink the botnet recruitment pool. As attack magnitudes continue to climb, the combination of robust infrastructure, adaptive security tooling, and regulatory pressure will be essential to safeguard the digital supply chain.