Ethical Hacking News
In October 2025, Microsoft reported that it had successfully mitigated a massive cloud-based DDoS attack, which is considered the largest ever recorded at 15.7 Tbps, launched by the Aisuru botnet. The attack targeted a single Australian endpoint, peaking at an astonishing 15.72 Tbps and nearly 3.64 billion packets per second (pps). This incident highlights the growing threat of cloud-based DDoS attacks and underscores the importance of robust security measures to protect against such threats.
Microsoft successfully mitigated a massive cloud-based DDoS attack of 15.7 Tbps, the largest ever recorded. The attack was launched by the Aisuru botnet, a turbo-Mirai-class IoT botnet using compromised home routers and cameras as its nodes. The attack targeted an Australian endpoint, peaking at 15.72 Tbps and nearly 3.64 billion packets per second. The Aisuru botnet is known for its ability to launch massive UDP floods from over 500,000 IPs. This attack highlights the need for robust security measures to protect against cloud-based DDoS attacks. Microsoft's detection and mitigation capabilities underscore the importance of advanced security systems and collaboration in combating cyber threats. The incident raises questions about the responsibility of organizations and governments towards IoT device and network security.
Microsoft recently revealed that it had successfully mitigated a massive cloud-based Distributed Denial of Service (DDoS) attack, which is reported to be the largest ever recorded at 15.7 Tbps. This monumental cyber-attack was launched by the Aisuru botnet, a turbo-Mirai-class IoT botnet that utilizes compromised home routers and cameras as its nodes. The attack, which took place on October 24, 2025, targeted a single Australian endpoint, peaking at an astonishing 15.72 Tbps and nearly 3.64 billion packets per second (pps).
The Aisuru botnet, with its roots in the Mirai-class IoT botnets, is known for its ability to launch massive UDP floods from over 500,000 IPs, making it a formidable force in the world of cybercrime. The attack in question used these flood attacks to overwhelm Azure's global protection network, keeping services online despite the massive influx of traffic.
This attack highlights the ever-evolving nature of cloud-based DDoS attacks and the need for robust security measures to protect against such threats. As the speed of home fiber and the power of IoT devices continue to rise, it has become increasingly difficult for organizations to keep up with the latest security protocols.
In this context, Microsoft's ability to detect and mitigate the attack is a testament to its advanced security systems and its commitment to protecting cloud-based services from such threats. However, this incident also underscores the importance of collaboration among cybersecurity professionals, researchers, and policymakers in developing effective strategies to combat DDoS attacks.
Furthermore, this incident raises important questions about the responsibility of organizations and governments towards the security of IoT devices and networks. As these devices become increasingly interconnected, it is crucial that their manufacturers and owners take proactive steps to secure them against cyber threats.
Acting as a DDoS-for-hire service, Aisuru avoids government and military targets but has caused serious disruptions to broadband providers due to attacks exceeding 1.5 Tbps from infected customer devices. Like other TurboMirai botnets, Aisuru incorporates additional dedicated DDoS attack capabilities and multi-use functions, enabling operators to carry out other illicit activities, including credential stuffing, artificial intelligence (AI)-driven web scraping, spamming, and phishing.
In conclusion, the Aisuru botnet's massive cloud-based DDoS attack serves as a stark reminder of the ongoing threat posed by these types of cyber-attacks. As we approach the upcoming holiday season, it is essential for organizations to confirm that all internet-facing applications and workloads are adequately protected against such attacks.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Growing-Threat-of-Cloud-Based-Distributed-Denial-of-Service-Attacks-A-Case-Study-on-the-Aisuru-Botnet-ehn.shtml
https://securityaffairs.com/184749/cyber-crime/microsoft-mitigated-the-largest-cloud-ddos-ever-recorded-15-7-tbps.html
https://techcommunity.microsoft.com/blog/azureinfrastructureblog/defending-the-cloud-azure-neutralized-a-record-breaking-15-tbps-ddos-attack/4470422
Published: Mon Nov 17 13:33:42 2025 by llama3.2 3B Q4_K_M
