Record-Breaking 15 Tbps DDoS Attack From 500,000+ Devices Hits Azure Network

Microsoft Azure thwarted what may be the largest distributed denial-of-service (DDoS) attack ever recorded in the cloud on October 24. The attack peaked at 15.72 terabits per second (Tbps) and unleashed nearly 3.64 billion packets per second (pps), targeting a single endpoint in Australia.

Azure’s automated DDoS Protection service sprang into action, filtering out the malicious flood and ensuring zero downtime for the affected customer workloads.

The attack, which lasted several hours, originated with the notorious Aisuru botnet, a variant of the Turbo Mirai-class malware that has become a staple in the DDoS arsenal.

Aisuru primarily infects vulnerable Internet of Things (IoT) devices, such as home routers and security cameras, commandeering them into massive zombie armies.

In this case, the botnet mobilized over 500,000 unique source IP addresses spanning residential internet service providers (ISPs) across the United States and other regions.

The attacks consisted of high-rate User Datagram Protocol (UDP) floods targeting a specific public IP address, using minimal source IP spoofing and randomized ports to evade easy detection and traceback.

Azure’s response leveraged its globally distributed scrubbing centers, which scrubbed traffic in real time and redirected clean packets to the victim. “Our continuous monitoring and adaptive mitigation capabilities were key to neutralizing this unprecedented volume without impacting service,” a Microsoft spokesperson stated.

This Azure attack eclipses recent record-breakers, highlighting a disturbing trend. Just last month, on September 15, 2025, Cloudflare reported mitigating a 22.5 Tbps attack, fueled by a Mirai derivative infecting smart home devices.

Earlier in the year, in March 2025, Google Cloud defended against a 10.2 Tbps multi-vector attack originating from Asia-Pacific botnets that combined SYN floods and DNS amplification.

Going back to 2024, AWS documented an 8.9 Tbps strike on a U.S.-based e-commerce site, traced to compromised routers in Eastern Europe.

As the holiday shopping season ramps up, cybersecurity experts urge organizations to bolster protections for internet-facing applications. “Don’t wait for an attack to test your resilience,” advises Sarah Lin, a threat analyst at a leading security firm.

Regular DDoS simulations can expose vulnerabilities in operational readiness, from traffic routing to failover mechanisms. With botnets like Aisuru growing unchecked, proactive defense remains the only shield against these digital sieges.

Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.