The Aisuru/Kimwolf botnet launched a new massive distributed denial of service (DDoS) attack that peaked at 31.4 Tbps and 200 million requests per second, setting a new record.
The attack was part of a campaign targeting multiple companies, most of them in the telecommunications sector, and was detected and mitigated by Cloudflare last year on December 19.
Aisuru is responsible for the previous DDoS record that reached 29.7 Tbps. Another attack that Microsoft attributed to the botnet peaked at 15.72 Tbps and originated from 500,000 IP addresses.
Due to its timing, Cloudflare named the latest Aisuru campaign “The Night Before Christmas” and characterized it as an “unprecedented bombardment” on telecommunications service providers and IT organizations.
“The campaign targeted Cloudflare customers as well as Cloudflare’s dashboard and infrastructure with hyper-volumetric HTTP DDoS attacks exceeding rates of 200 million requests per second (rps) alongside Layer 4 DDoS attacks peaking at 31.4 Terabits per second, making it the largest attack ever disclosed publicly,” Cloudflare says in a report today.
More than half of the attacks in the Aisuru DDoS campaign lasted between one and two minutes, with just 6% taking longer. Most of them (90%) peaked between 1-5 Tbps, and roughly 94% were in the range of 1-5 billion packets per second.
DDoS attacks size share
Source: Cloudflare
Despite the scale of these hyper-volumetric attacks, Cloudflare says they were detected and mitigated automatically and didn’t trigger any internal alerts.
Aisuru botnet's power comes from compromised IoT devices and routers. However, the attack sources in "The Night Before Christmas" campaing were Android TVs, Cloudflare says in the report.
... continue reading