A newly disclosed **Aisuru IoT botnet** attack unleashed a record-breaking **29.6 Tbps DDoS assault**, overwhelming major online gaming platforms, including **Minecraft**, on **October 8, 2025**. The attack, lasting mere seconds, exploited **compromised IoT devices** (home routers, IP cameras, DVRs) hosted under **US ISPs (AT&T, Comcast, Verizon, T-Mobile, Charter)**, flooding servers with malicious traffic far exceeding typical mitigation thresholds. While the primary target was gaming services, the sheer scale caused **widespread internet disruptions**, crippling connectivity for users beyond the gaming community. Cybersecurity journalist **Brian Krebs** highlighted that such attacks now surpass the defensive capabilities of most organizations, posing systemic risks. Though no data breach or ransomware was involved, the **outage disrupted payment processes, user access, and service availability**, inflicting **reputational damage** and **financial losses** from downtime. The incident underscores the escalating threat of **IoT-driven DDoS campaigns** targeting high-traffic digital platforms.
TPRM report: https://www.rankiteo.com/company/cloudflare
"id": "clo0692506101325",
"linkid": "cloudflare",
"type": "Cyber Attack",
"date": "10/2025",
"severity": "60",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'Telecommunications',
'location': 'United States',
'name': 'AT&T',
'type': 'ISP'},
{'industry': 'Telecommunications',
'location': 'United States',
'name': 'Comcast',
'type': 'ISP'},
{'industry': 'Telecommunications',
'location': 'United States',
'name': 'Verizon',
'type': 'ISP'},
{'industry': 'Telecommunications',
'location': 'United States',
'name': 'T-Mobile',
'type': 'ISP'},
{'industry': 'Telecommunications',
'location': 'United States',
'name': 'Charter',
'type': 'ISP'},
{'industry': 'Gaming/Entertainment',
'location': 'Global',
'name': 'Minecraft (and other online gaming platforms)',
'type': 'Gaming Platform'}],
'attack_vector': ['Compromised IoT Devices', 'DDoS Amplification'],
'date_detected': '2025-10-08',
'description': 'A newly disclosed attack campaign linked to the IoT botnet '
'Aisuru led to a massive surge in malicious traffic, '
'temporarily disrupting major online gaming platforms with '
'nearly 29.6 Tbps of DDoS packets. The incident lasted only a '
'few seconds on October 8, 2025, primarily leveraging '
'compromised devices (home routers, IP cameras, and DVRs) '
'hosted under leading US ISPs like AT&T, Comcast, Verizon, '
'T-Mobile, and Charter. The attacks targeted ISPs serving '
'online gaming communities such as Minecraft, resulting in '
'widespread Internet disruption beyond the gaming sector.',
'impact': {'downtime': 'Few seconds (but widespread disruption)',
'operational_impact': 'Temporary disruption of major online gaming '
'platforms and broader Internet services',
'systems_affected': ['Online Gaming Platforms (e.g., Minecraft)',
'ISPs (AT&T, Comcast, Verizon, T-Mobile, '
'Charter)']},
'initial_access_broker': {'entry_point': ['Compromised IoT Devices (home '
'routers, IP cameras, DVRs)'],
'high_value_targets': ['ISPs serving online gaming '
'communities']},
'post_incident_analysis': {'root_causes': ['Exploitation of vulnerable IoT '
'devices for botnet recruitment',
'Insufficient DDoS mitigation '
'capabilities in targeted ISPs']},
'references': [{'source': 'Krebs on Security (Brian Krebs)'}],
'threat_actor': 'Aisuru IoT Botnet',
'title': 'Massive DDoS Attack by Aisuru IoT Botnet Disrupts Major Online '
'Gaming Platforms',
'type': ['DDoS Attack', 'Botnet Attack']}