Microsoft Blocks Record-Breaking 15.72 Tbps DDoS Attack Launched by Aisuru Botnet

Microsoft’s cloud service Azure detected an enormous distributed denial-of-service attack that reached record proportions. The traffic volume peaked at a staggering 15.72 terabits per second and nearly 3.64 billion packets per second. This makes it one of the largest DDoS incidents ever recorded in a cloud environment.

The target of the attack was a single public IP address located in Australia. The malicious traffic originated from more than 500,000 distinct source IP addresses spread across multiple regions worldwide. The scale and coordination immediately raised alarm bells within the cybersecurity community.

According to Microsoft, the attack was launched by the Aisuru botnet a large network of compromised devices including home routers, cameras and other Internet-of-Things (IoT) equipment. The botnet exploited unsecured devices to generate the massive volume of traffic, underscoring the growing threat posed by weak IoT security.

Technically, the attack relied heavily on high-rate UDP floods with minimal source port randomisation and relatively few spoofed addresses. These characteristics made it possible for Azure’s protections to detect and filter the malicious traffic more efficiently, despite its huge scale.

Microsoft states that, thanks to its global DDoS protection infrastructure, the flood of traffic was filtered and redirected so that no customer services were affected. Azure was able to absorb the load and maintain normal operations without any downtime or disruption for clients

.

The incident highlights that DDoS attacks are no longer minor nuisances they have reached infrastructure-level proportions. With more powerful Internet links and large IoT botnets at attackers’ disposal, the magnitude of damage that can be done continues to grow and evolve.

For businesses and organisations, this event serves as a powerful reminder: basic protections alone are no longer sufficient. It is crucial to assess the resilience of all internet-facing workloads and adopt robust mitigation strategies, rather than relying on reactive responses.

In short, the attack on Azure by the Aisuru botnet set a new benchmark in DDoS scale (15.72 Tbps and 3.64 billion pps) and yet was neutralised without customer impact. The message is clear: organisations must treat DDoS as a strategic, high-level risk and build defences accordingly.

Stay alert, and keep your security measures updated!

Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news