DDoS deluge: Brit biz battered by record botnet blitz

DDoS deluge: Brit biz battered by record botnet blitz

Briefly

"Cloudflare says DDoS crews ended 2025 by pushing traffic floods to new extremes, while Britain made an unwelcome leap of 36 places to become the world's sixth-most targeted location. The Q4 stats confirm it was a lively year for traffic floods, with Cloudflare claiming it had to swat away 47.1 million DDoS attacks, more than double 2024's count. Momentum picked up toward the end of the year, as Q4 volumes jumped 31 percent from the prior quarter and 58 percent over 2024."

"Aisuru-Kimwolf, a botnet made up largely of malware-infected Android TVs, was behind the largest blast of the quarter, pushing traffic to a record-breaking 31.4 Tbps. The campaign, dubbed "The Night Before Christmas," kicked off on December 19 and targeted Cloudflare customers as well as Cloudflare's own dashboard and infrastructure in parallel. "As the number of attacks increased over the course of 2025, the size of the attacks increased as well, growing by over 700 percent compared to the large attacks seen in late 2024," Cloudflare said."

"Scale isn't the only thing shifting, as Cloudflare reports that attackers are ditching long-haul floods in favour of smash-and-dash traffic spikes. Some incidents during the campaign wrapped up in well under two minutes yet still pushed traffic into the billions of packets per second, underscoring how sheer speed has become the real weapon. Cloudflare attributes much of the surge to large botnets built from compromised internet-connected devices, including routers, cameras, and DVRs. The company also says attackers are increasingly abusing cloud-hosted virtual machines to generate large bursts of traffic, allowing them to scale attacks quickly."