On October 24, 2025, Azure DDOS Protection automatically detected and mitigated a multi-vector DDoS attack measuring 15.72 Tbps and approximately 3.64 billion packets per second (pps). It was the largest DDoS attack ever seen in the cloud and targeted a single endpoint in Australia.
Using Azure’s globally distributed DDoS protection infrastructure and continuous detection capabilities, mitigation measures were initiated. Malicious traffic was effectively filtered and redirected, while maintaining uninterrupted service availability for customer workloads.
The attack originated from the Aisuru botnet. Aisuru is a Turbo Mirai-class IoT botnet that frequently causes record-breaking DDoS attacks by exploiting compromised home routers and cameras at residential ISPs, primarily in the United States and other countries.
The attack consisted of an extremely high-rate UDP flood targeting a specific public IP address, launched from over 500,000 source IPs in different regions. These sudden UDP bursts had minimal source spoofing and used random source ports, which helped simplify traceback and facilitate provider enforcement.
Attackers are scaling from the internet itself. As fiber-to-the-home speeds increase and IoT devices become more powerful, the baseline for attack size continues to grow.
As we approach the upcoming holiday season, it is essential to confirm that all Internet-facing applications and workloads are adequately protected against DDoS attacks. Additionally, don’t wait for an actual attack to assess your defensive capabilities or operational readiness – conduct regular simulations to identify potential issues and proactively address them.
Learn more about Azure DDOS protection on the Azure DDoS Protection Overview. Microsoft Learn