Ethical Hacking News
AISURU Botnet Launches Record-Breaking 5.72 Tbps DDoS Attack on Cloud Infrastructure
Microsoft successfully mitigated a record-breaking DDoS attack measured at 5.72 Tbps and nearly 3.64 billion pps. The attack was launched by the AISURU botnet, a powerful and highly sophisticated cyber threat linked to some of the biggest DDoS attacks recorded. AISURU is powered by nearly 300,000 infected devices, mostly routers, security cameras, and DVR systems. Most observed AISURU attacks are related to online gaming, but the botnet also enables multi-use functions beyond DDoS attacks. The AISURU botnet incorporates a residential proxy service, allowing attackers to scale with the internet itself. Microsoft's automatic detection and neutralization of the attack demonstrates the company's commitment to staying ahead of emerging threats. Implementing robust cybersecurity measures is essential to protect against emerging threats like AISURU, particularly as IoT devices become more powerful.
Microsoft has recently disclosed that it successfully mitigated a record-breaking Distributed Denial-of-Service (DDoS) attack that targeted a single endpoint in Australia, measuring an astonishing 5.72 terabits per second (Tbps) and nearly 3.64 billion packets per second (pps). The attack was launched by the TurboMirai-class Internet of Things (IoT) botnet known as AISURU.
The AISURU botnet is a powerful and highly sophisticated cyber threat that has been linked to some of the biggest DDoS attacks recorded to date. According to data from QiAnXin XLab, the botnet is powered by nearly 300,000 infected devices, most of which are routers, security cameras, and DVR systems. The botnet's attacks have been attributed to a restricted clientele, with operators reportedly implementing preventive measures to avoid targeting governmental, law enforcement, military, and other national security properties.
In fact, most observed AISURU attacks to date appear to be related to online gaming. However, the botnet has also been found to enable multi-use functions beyond DDoS attacks exceeding 20 Tbps, facilitating other illicit activities such as credential stuffing, artificial intelligence (AI)-driven web scraping, spamming, and phishing. Furthermore, AISURU incorporates a residential proxy service, which allows attackers to scale with the internet itself.
The disclosure comes as NETSCOUT detailed another TurboMirai botnet called Eleven11 (aka RapperBot) that's estimated to have launched about 3,600 DDoS attacks powered by hijacked IoT devices between late February and August 2025. Around the same time, authorities disclosed an arrest and the dismantling of the botnet.
The recent attack on cloud infrastructure has left many in the cybersecurity community concerned about the escalating threat posed by AI-powered botnets like AISURU. As fiber-to-the-home speeds rise and IoT devices get more powerful, the baseline for attack size keeps climbing, making it increasingly challenging for security professionals to keep up with the ever-evolving threat landscape.
Microsoft's automatic detection and neutralization of the DDoS attack is a testament to the company's commitment to staying ahead of emerging threats. The tech giant noted that the attack involved extremely high-rate UDP floods targeting a specific public IP address, launched from over 500,000 source IPs across various regions. These sudden UDP bursts had minimal source spoofing and used random source ports, which helped simplify traceback and facilitated provider enforcement.
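The traffic profile described above (high-rate UDP toward one public IP, a very large number of sources, random source ports) maps onto a per-destination check over flow records. The following Python is an added example, not Microsoft's detection logic or code from the original article; the record layout, the thresholds and the sample addresses are assumptions constructed for illustration.

```python
import math
import random
from collections import Counter, defaultdict

# Thresholds are assumptions for this example; tune them to your own baseline.
MIN_PPS = 50_000         # UDP packets/s toward one destination IP
MIN_SOURCES = 500        # distinct source IPs in the window
MIN_PORT_ENTROPY = 0.9   # normalized; near 1.0 means source ports look random

def port_entropy(ports):
    """Shannon entropy of the source ports, normalized to [0, 1]."""
    n = len(ports)
    if n < 2:
        return 0.0
    h = -sum(c / n * math.log2(c / n) for c in Counter(ports).values())
    return h / math.log2(n)

def detect_udp_floods(flows, window_s):
    """flows: (src_ip, src_port, dst_ip, proto, packets) records from one window.
    Returns {dst_ip: stats} for destinations that match all three signals."""
    per_dst = defaultdict(lambda: {"pkts": 0, "srcs": set(), "ports": []})
    for src_ip, src_port, dst_ip, proto, packets in flows:
        if proto == "udp":
            d = per_dst[dst_ip]
            d["pkts"] += packets
            d["srcs"].add(src_ip)
            d["ports"].append(src_port)
    alerts = {}
    for dst, d in per_dst.items():
        pps, ent = d["pkts"] / window_s, port_entropy(d["ports"])
        if pps >= MIN_PPS and len(d["srcs"]) >= MIN_SOURCES and ent >= MIN_PORT_ENTROPY:
            alerts[dst] = {"pps": pps, "sources": len(d["srcs"]), "port_entropy": round(ent, 3)}
    return alerts

def sample_flows():
    """Constructed 10-second window (not real telemetry)."""
    rng = random.Random(1)
    flows = [(f"100.64.{i // 250}.{i % 250 + 1}", rng.randint(1024, 65535),
              "203.0.113.10", "udp", 500) for i in range(2000)]        # flood profile
    flows += [(f"198.51.100.{i + 1}", 51820, "203.0.113.20", "udp", 400_000)
              for i in range(2)]                                        # two fixed-port tunnels
    flows += [(f"100.127.{i // 250}.{i % 250 + 1}", rng.randint(1024, 65535),
               "203.0.113.30", "udp", 10) for i in range(600)]          # many sources, low rate
    return flows

if __name__ == "__main__":
    for dst, stats in detect_udp_floods(sample_flows(), window_s=10).items():
        print(dst, stats)
```

Only the first destination is flagged: the fixed-port tunnels exceed the packet rate but come from two sources, and the third destination has many sources at a negligible rate.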
The AISURU botnet's capabilities are a stark reminder of the importance of implementing robust cybersecurity measures to protect against emerging threats. As the use of IoT devices continues to rise, it is essential for organizations to prioritize the security of their networks and ensure that all connected devices are properly secured.
In conclusion, the recent DDoS attack launched by the AISURU botnet highlights the need for increased vigilance in the cybersecurity community. As AI-powered botnets continue to evolve and become more sophisticated, it will be essential for organizations to stay up-to-date with the latest threat intelligence and implement robust security measures to protect their networks.
Related Information:
https://www.ethicalhackingnews.com/articles/AISURU-Botnet-The-Largest-DDoS-Attack-on-Cloud-Infrastructure-ehn.shtml
https://thehackernews.com/2025/11/microsoft-mitigates-record-572-tbps.html
https://www.pcmag.com/news/massive-157-tbps-ddos-hits-microsofts-azure-traced-to-aisuru-botnet
Published: Tue Nov 18 03:04:23 2025 by llama3.2 3B Q4_K_M