Near-record DDoS attack hits KrebsOnSecurity – blog withstands it


KrebsOnSecurity, a blog covering cybersecurity, has experienced a near-record distributed denial of service (DDoS) attack, reaching a 6.3 terabit per second data rate.

The blog author, Brian Krebs, is an American information security journalist. He suspects the brief attack is a test run for a massive new Internet of Things (IoT) botnet.

The data rate makes this DDoS attack one of the largest ever recorded. Cloudflare previously coined the term “hyper-volumetric” to describe DDoS attacks of over 1 Tbps, which are capable of saturating a target's entire available bandwidth.

Interestingly, the blog was protected by Project Shield, a free service by Google that protects news, human rights, and election monitoring sites from DDoS attacks.

“Google Security Engineer Damian Menscher told KrebsOnSecurity the May 12 attack was the largest Google has ever handled,” Krebs said in a blog post. “The 6.3 Tbps attack last week caused no visible disruption to this site, in part because it was so brief — lasting approximately 45 seconds.”

The attack was attributed to the Aisuru botnet, which is a massive network of compromised routers, DVRs, and other Internet of Things (IoT) devices. The botnet emerged and has been growing since 2024. It is known to offer DDoS-for-hire services on Telegram for a few hundred dollars per week.

The largest DDoS attack ever was recorded by Cloudflare in April 2025, with a peak of 6.5 Tbps.

Massive data rate surges in hyper-volumetric attacks usually last between 35 and 45 seconds. In Q1 2025, Cloudflare blocked over 700 of these attacks, which were unseen a year ago.

The botnet bombarded KrebsOnSecurity with large UDP packets aimed at random ports, at a rate of approximately 585 million packets per second.

Krebs went as far as finding and reaching out to the operator of the botnet, known online as Forky, who has a long history of running a DDoS-for-hire service. However, the operator denied involvement and came up empty-handed when pressed to disclose the client behind the attack.

Security experts warn that the Aisuru botnet exploits unknown vulnerabilities and commandeers IoT devices without competition from other botnets, which makes Aisuru even more dangerous due to the concentrated level of firepower.