Executive Summary
- Microsoft’s Azure platform successfully mitigated a record-breaking DDoS attack peaking at 15.72 terabits per second (Tbps) on October 24.
- The attack was launched by the Aisuru botnet, a powerful network of infected IoT devices, and targeted a single endpoint in Australia.
- Despite the massive scale of the attack, which involved nearly 3.64 billion packets per second, no Azure customer services were impacted.
- The incident underscores the escalating power of DDoS attacks, with security experts warning the botnet’s capabilities continue to grow.
Microsoft announced that its Azure cloud platform successfully mitigated a record-breaking distributed denial-of-service (DDoS) attack on October 24. The attack, attributed to the Aisuru botnet, reached a peak of 15.72 terabits per second (Tbps) and generated nearly 3.64 billion packets per second, targeting a single endpoint in Australia. According to Microsoft, automated defense systems prevented any service interruptions for Azure customers.
The massive traffic flood originated from over 500,000 source IP addresses across various regions, overwhelming the target with User Datagram Protocol (UDP) packets. In a company blog post, Microsoft’s Sean Whalen described the event as “the largest DDoS attack ever observed in the cloud.”
The perpetrator, the Aisuru botnet, is a known threat based on the Mirai IoT botnet source code that first emerged in August 2024. It has since been linked to a series of escalating attacks, including a 6.3 Tbps strike against the KrebsOnSecurity website in June 2025. Security experts note that Aisuru primarily infects internet-connected devices such as home routers and cameras to build its network.
According to security firm Netscout, Aisuru operates as a DDoS-for-hire service, and its capabilities may now exceed 20 Tbps. The incident highlights a growing trend of increasingly powerful cyberattacks, with Whalen noting, “Attackers are scaling with the internet itself.”