Home / News

Hyper-Volumetric DDoS Attack Sets New Benchmark at 22.2 Tbps

By CircleID Reporter
  • September 25, 2025, 9:28 am PDT
  • Views: 10,672
  • Add Comment
DDoS attack volume reaches unprecedented peak, 22.2 terabits per second (Source: Cloudflare)

A distributed denial-of-service (DDoS) attack has redefined the upper bounds of volumetric assault, briefly peaking at 22.2 terabits per second (Tbps) and 10.6 billion packets per second (Bpps). Though lasting only 40 seconds, the incident, reported by Cloudflare, represents a structural escalation in the scale, precision, and automation of denial-of-service tactics.

Attack method: The target, a European network infrastructure provider, was subjected to a UDP-based carpet bombing campaign—an increasingly common method in which multiple ports on a single host are saturated simultaneously. This particular attack targeted an average of 31,000 destination ports per second, peaking at 47,000, making it both a volumetric and port exhaustion event.

Analysis points to the Aisuru botnet, which leverages large swathes of compromised IoT devices—routers, digital video recorders, and other embedded systems—many of which are exploitable via known CVEs or unpatched zero-days. The attack traffic was traced to over 404,000 unique, non-spoofed IPs across 14 autonomous system numbers (ASNs), suggesting a well-coordinated botnet with high geographic distribution and sufficient command-and-control efficiency.

Capability shift: While volumetric DDoS attacks are not novel, this event marks a qualitative shift in attacker capabilities. At over twice the size of the previously recorded peak (11.5 Tbps), the assault likely reflects both advances in botnet orchestration and growing aggregate bandwidth available to compromised nodes, particularly in residential and small-office networks connected via fibre.

Cybersecurity researchers warn that such hyper-volumetric attacks are increasingly employed not as standalone events, but as part of composite threat operations—either as diversionary tactics during data exfiltration or as probes for broader infrastructure mapping.

NORDVPN DISCOUNT - CircleID x NordVPN
Get NordVPN  [74% +3 extra months, from $2.99/month]
By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

 Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

DNS Security

Sponsored byWhoisXML API

View All Topics