The record-shattering assault delivered 37.4 terabytes of data in just 45 seconds. The largest distributed denial of service (DDoS) attacks are approaching double-digit terabit per second data rates.
Cloudflare said it has blocked the largest DDoS attack ever recorded. The previous record didn’t last long.
In mid-May, cybercriminals bombarded the service with a staggering 7.3 Tbps data rate, but Cloudflare’s defenses automatically thwarted the attack. The target was a Cloudflare customer, a hosting provider.
This DDoS is 12% larger than the previous record, reported on April 27th, 2025, and added an additional 1 Tbps compared to the recent attack targeting KrebsOnSecurity, Brian Krebs’s blog covering cybersecurity, which stunned experts.
“Thirty-seven terabytes is not a staggering figure in today’s scales, but blasting 37.4 terabytes in just 45 seconds is,” the company said in a report.
“It’s the equivalent to flooding your network with over 9,350 full-length HD movies, or streaming 7,480 hours of high-definition video nonstop (that’s nearly a year of back-to-back binge-watching) in just 45 seconds.”
Cloudflare also compares the figures to downloading 9.35 million songs or 12.5 million high-resolution photos in under a minute.
The majority of households lack access to a 1 Gbps internet connection – it would require 7,300 such lines to match the bandwidth of the attack.
“The attack carpet-bombed an average of 21,925 destination ports of a single IP address owned and used by our customer, with a peak of 34,517 destination ports per second. The attack also originated from a similar distribution of source ports,” Cloudflare details.
Almost all traffic (99.996%) was categorized as UDP (User Datagram Protocol) flood, during which attackers attempt to saturate the internet link or overwhelm devices with more packets than they can handle. The remaining 0.004% accounted for 1.3GB of the attack traffic.
Defenders identified 122.145 source IP addresses from 161 countries participating in the attack. Almost half of the attack traffic originated from Brazil and Vietnam, with approximately a quarter each. A lot of traffic also came from Taiwan, China, Indonesia, Ukraine, Ecuador, Thailand, the US, and Saudi Arabia.
Cloudflare also explains how the attack was mitigated: attack packets targeting the IP address were routed to the closest data center, which spread the traffic and enabled mitigation close to the botnet nodes. Four hundred forty-seven data centers across 293 locations were involved in the defense.
Your email address will not be published. Required fields are markedmarked