Ethical Hacking News
A record-breaking 31.4 Tbps DDoS attack was detected and mitigated by Cloudflare in November 2025, marking a significant escalation in the scale and sophistication of hyper-volumetric HTTP DDoS attacks. As this type of attack continues to rise in popularity, organizations must take proactive steps to protect themselves against these types of threats.
A record-breaking 31.4 Tbps DDoS attack was detected and mitigated by Cloudflare in November 2025.
The attack marked a significant escalation in the scale and sophistication of hyper-volumetric HTTP DDoS attacks.
The AISURU/Kimwolf botnet, linked to this massive DDoS attack, has infected over 1.8 million devices and issued more than 1.7 billion DDoS attack commands.
Hyper-volumetric DDoS attacks have increased in scale and sophistication, posing significant threats to organizations worldwide.
The number of DDoS attacks increased by 40% compared to the previous quarter in Q4 2025.
The majority of targeted attacks were against Cloudflare customers in the Telecommunications, Service Providers, and Carriers sector.
Organizations must take proactive steps to protect themselves against hyper-volumetric DDoS attacks due to their increasing sophistication and scale.
Cybersecurity experts and threat researchers have been sounding the alarm bells over the past few months, warning of a surge in hyper-volumetric HTTP Distributed Denial-of-Service (DDoS) attacks that are posing significant threats to organizations around the world. According to recent data from Cloudflare, a leading provider of security services, a record-breaking 31.4 Tbps DDoS attack was detected and mitigated in November 2025, marking a significant escalation in the scale and sophistication of these types of attacks.
The AISURU/Kimwolf botnet, which is linked to this massive DDoS attack, is a newly discovered Android botnet that has infected over 1.8 million devices and issued more than 1.7 billion DDoS attack commands, according to XLab. The Kimwolf Android botnet primarily targets TV boxes; it is compiled using the NDK and equipped with DDoS, proxy forwarding, reverse shell, and file management functions. It encrypts sensitive data with a simple Stack XOR, uses DNS over TLS to hide communication, and authenticates C2 commands with elliptic curve digital signatures.
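Because the botnet is described as running on TV boxes and using DNS over TLS, one defensive check is to look for TCP/853 egress from an IoT segment to resolvers the organization has not approved. The following is an added example, not code from the article or from XLab or Cloudflare; the segment range, the approved resolver, the flow-log layout and the sample records are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumptions (not from the article): the IoT/TV-box address range and the
# resolvers this organization has approved for DNS over TLS.
IOT_SEGMENT = ipaddress.ip_network("10.20.0.0/16")
APPROVED_DOT_RESOLVERS = {ipaddress.ip_address("10.0.0.53")}
DOT_PORT = 853  # DNS over TLS (RFC 7858) runs on TCP/853

# Constructed sample flow records: "timestamp src dst proto dport"
SAMPLE_FLOWS = """\
2026-02-06T09:00:01Z 10.20.4.17 10.0.0.53 tcp 853
2026-02-06T09:00:02Z 10.20.4.17 203.0.113.9 tcp 853
2026-02-06T09:00:05Z 10.20.8.3 198.51.100.7 tcp 443
2026-02-06T09:00:09Z 10.30.1.5 203.0.113.9 tcp 853
2026-02-06T09:00:11Z 10.20.4.17 203.0.113.9 tcp 853
2026-02-06T09:00:12Z 10.20.9.40 192.0.2.44 udp 853
malformed line
"""

def parse_flow(line):
    """Parse one flow record; return None for lines that do not fit the layout."""
    parts = line.split()
    if len(parts) != 5:
        return None
    _, src, dst, proto, dport = parts
    try:
        return (ipaddress.ip_address(src), ipaddress.ip_address(dst),
                proto.lower(), int(dport))
    except ValueError:
        return None

def unapproved_dot(flows_text):
    """Return {src: {dst: flow_count}} for IoT hosts using DoT to unapproved resolvers."""
    hits = defaultdict(lambda: defaultdict(int))
    for line in flows_text.splitlines():
        rec = parse_flow(line)
        if rec is None:
            continue  # skip malformed records rather than abort the scan
        src, dst, proto, dport = rec
        if (src in IOT_SEGMENT and proto == "tcp" and dport == DOT_PORT
                and dst not in APPROVED_DOT_RESOLVERS):
            hits[str(src)][str(dst)] += 1
    return {src: dict(dsts) for src, dsts in hits.items()}

if __name__ == "__main__":
    for src, dsts in unapproved_dot(SAMPLE_FLOWS).items():
        print(src, dsts)
```

A hit is a lead for investigation rather than proof of infection, since some consumer devices use DNS over TLS legitimately.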
The attack in question, which lasted just 35 seconds, was the largest ever disclosed publicly by any company at the time, peaking at an unprecedented 31.4 Tbps. This represents a significant increase from previous attacks, some of which reached sizes exceeding 10 Gbps. The surge in DDoS attacks has been attributed to the increasing sophistication and scale of these types of attacks, as well as the growing number of organizations that are being targeted.
The rise of hyper-volumetric DDoS attacks has raised significant concerns among cybersecurity experts and organizations around the world. These attacks can have devastating consequences for businesses and individuals alike, causing significant disruptions to operations, data loss, and even financial losses.
According to Cloudflare's report, the number of DDoS attacks in Q4 2025 increased by 40% compared to the previous quarter, with the size of the attacks growing by over 700% compared to large attacks seen in late 2024. The majority of these attacks were targeted at Cloudflare customers in the Telecommunications, Service Providers, and Carriers sector, followed by Gaming and Generative AI services.
Globally, China, the United States, Germany, and Brazil remained among the most targeted countries, while Hong Kong and especially the United Kingdom saw sharp increases in attacks. Most DDoS attacks in Q4 2025 originated from IPs linked to major cloud platforms like DigitalOcean, Microsoft, Tencent, Oracle, and Hetzner, mostly in the U.S.
The surge in hyper-volumetric DDoS attacks has significant implications for organizations that rely on these services. With the increasing scale and sophistication of these attacks, it is becoming increasingly difficult for organizations to keep pace with the evolving threat landscape.
To mitigate this risk, organizations are advised to re-evaluate their defense strategy and consider implementing more robust security measures, such as using Cloudflare's DDoS Botnet Threat Feed to identify and shut down abusive IPs. Organizations should also invest in advanced threat detection and response capabilities to stay ahead of the growing threat landscape.
The AISURU/Kimwolf botnet serves as a prime example of the evolving threat landscape, with its sophisticated attack capabilities and multi-use functions making it a highly effective tool for carrying out illicit activities such as credential stuffing, artificial intelligence-driven web scraping, spamming, and phishing.
In conclusion, the record-breaking 31.4 Tbps DDoS attack detected by Cloudflare in November 2025 serves as a stark reminder of the growing threat landscape that organizations face today. As hyper-volumetric DDoS attacks continue to escalate in scale and sophistication, it is essential for organizations to take proactive steps to protect themselves against these types of threats.
Related Information:
https://www.ethicalhackingnews.com/articles/A-Record-Breaking-314-Tbps-DDoS-Attack-A-Growing-Threat-Landscape-ehn.shtml
https://securityaffairs.com/187690/hacking/record-breaking-31-4-tbps-ddos-attack-hits-in-november-2025-stopped-by-cloudflare.html
https://cybersecuritynews.com/31-4-tbps-ddos-attack/
https://thehackernews.com/2026/02/aisurukimwolf-botnet-launches-record.html
https://www.bleepingcomputer.com/news/security/aisuru-botnet-sets-new-record-with-314-tbps-ddos-attack/
Published: Fri Feb 6 09:27:11 2026 by llama3.2 3B Q4_K_M