Record-Breaking DDoS Attack
The AISURU/Kimwolf botnet has launched a record-setting DDoS attack peaking at 31.4 Tbps. Cloudflare detected and mitigated the activity, part of a growing number of hyper-volumetric HTTP DDoS attacks. The attack lasted only 35 seconds but demonstrates unprecedented botnet capability.
DDoS attacks surged 121% in 2025, with over 47.1 million total attacks. Cloudflare mitigated 34.4 million network-layer DDoS attacks in 2025 alone.
Botnet Infrastructure
AISURU/Kimwolf has compromised over 2 million Android devices, primarily off-brand Android TVs, tunneling through residential proxy networks like IPIDEA. Last month, Google disrupted IPIDEA and initiated legal action against control domains.
Attack Statistics
In Q4 2025, hyper-volumetric attacks increased 40%, jumping from 1,304 to 1,824 campaigns. Attack sizes grew over 700% compared to late 2024. The most attacked sectors include telecommunications, service providers, and information technology.
Defense Implications
Cloudflare warns that DDoS attacks are rapidly growing in sophistication and scale. Organizations relying on on-premise mitigation or scrubbing centers should re-evaluate their defense strategies to adapt.
TL;DR
- AISURU/Kimwolf achieved record 31.4 Tbps DDoS attack in Q4 2025- Over 2 million compromised Android devices power the botnet
- DDoS attacks surged 121% in 2025 with 47.1 million total incidents
- Network-layer attacks account for 78% of all DDoS activity
- Traditional on-premise defenses are inadequate against hyper-volumetric attacks
Sources
Cloudflare: DDoS Threat Report Q4 2025The Hacker News: AISURU/Kimwolf Botnet Article