Overview
- Azure DDoS Protection automatically detected and mitigated the October 24 attack, which peaked at 15.72 Tbps and nearly 3.64 billion packets per second against a single public IP in Australia.
- Microsoft attributes the operation to the Aisuru botnet, a Turbo Mirai‑class IoT network built from compromised home routers and cameras.
- The flood came from more than 500,000 source IPs using high‑rate UDP bursts with minimal spoofing and randomized source ports, which simplified traceback and enforcement.
- Microsoft says its globally distributed filtering kept customer workloads online with no reported service interruption.
- Cloudflare and Netscout have linked Aisuru to other record multi‑terabit campaigns, including a 22.2 Tbps event in September, and they urge organizations to validate protections and run DDoS simulations.