FastNetMon's DDoS Scrubbing Vendor Customer (Western Europe)

A record-scale distributed denial-of-service (DDoS) attack targeted the website of a leading DDoS scrubbing vendor in Western Europe, reaching 1.5 billion packets per second (1.5 Gpps), one of the largest packet-rate floods ever disclosed. The attack was a UDP flood launched from over 11,000 compromised networks worldwide, including hijacked IoT devices and customer-premises equipment (CPE). FastNetMon’s advanced detection platform mitigated the attack within seconds and prevented service disruption, but the incident highlights escalating risks for network operators.

The attack follows a recent 11.5 Tbps DDoS assault reported by Cloudflare, signaling a dangerous trend in which attackers exploit vulnerable CPE devices for unprecedented-scale packet and bandwidth floods. Though no data breach or financial loss was reported, the attack strained infrastructure defenses and demonstrated the potential for future outages or cascading disruptions if such floods overwhelm mitigation systems. The vendor’s rapid response averted immediate harm, but the event underscores systemic vulnerabilities in global network security, particularly from botnet-driven volumetric attacks leveraging unsecured IoT ecosystems.

Source: https://hackread.com/1-5-billion-packets-per-second-ddos-attack-detected-with-fastnetmon/

TPRM report: https://www.rankiteo.com/company/fastnetmon

"id": "fas5232252091125",
"linkid": "fastnetmon",
"type": "Cyber Attack",
"date": "9/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'industry': 'Cybersecurity (DDoS Mitigation)',
                        'location': 'Western Europe',
                        'name': 'Unnamed Leading DDoS Scrubbing Vendor '
                                '(Western Europe)',
                        'type': 'Private Sector'}],
 'attack_vector': ['UDP Flood',
                   'Compromised Customer-Premises Equipment (CPE)',
                   'IoT Devices',
                   'Routers'],
 'date_detected': '2025-09-11',
 'date_publicly_disclosed': '2025-09-11',
 'description': 'FastNetMon detected a record-scale distributed '
                'denial-of-service (DDoS) attack targeting the website of a '
                'leading DDoS scrubbing vendor in Western Europe. The attack '
                'reached 1.5 billion packets per second (1.5 Gpps), primarily '
                'a UDP flood launched from compromised customer-premises '
                'equipment (CPE), including IoT devices and routers, across '
                'more than 11,000 unique networks worldwide. FastNetMon '
                'Advanced platform detected and mitigated the attack within '
                'seconds, preventing disruption to the target service.',
 'impact': {'operational_impact': 'Potential disruption mitigated by '
                                  'FastNetMon Advanced platform',
            'systems_affected': ["DDoS Scrubbing Vendor's Website"]},
 'investigation_status': 'Detected and mitigated; no disruption reported.',
 'lessons_learned': 'The incident highlights the growing threat of '
                    'high-packet-rate DDoS attacks leveraging compromised IoT '
                    'and CPE devices. Proactive detection at the ISP level is '
                    'critical to mitigate scaling risks.',
 'post_incident_analysis': {'root_causes': ['Compromised CPE devices (IoT, '
                                            'routers) used as botnet nodes for '
                                            'UDP flood.',
                                            'Lack of ISP-level outgoing '
                                            'traffic filtering.']},
 'recommendations': ['Implement detection logic at the ISP level to block '
                     'outgoing DDoS traffic before it scales.',
                     'Enhance monitoring of CPE devices (e.g., IoT, routers) '
                     'for signs of compromise.',
                     'Deploy advanced DDoS mitigation solutions capable of '
                     'handling multi-gigapacket-per-second floods.'],
 'references': [{'date_accessed': '2025-09-11', 'source': 'CyberNewsWire'},
                {'date_accessed': '2025-09-11',
                 'source': 'FastNetMon Official Statement',
                 'url': 'https://fastnetmon.com'}],
 'response': {'communication_strategy': {'expert_commentary': 'Pavel Odintsov, '
                                                              'Founder of '
                                                              'FastNetMon, '
                                                              'warned about '
                                                              'the escalating '
                                                              'risks of '
                                                              'hijacked CPE '
                                                              'devices in '
                                                              'large-scale '
                                                              'DDoS attacks '
                                                              'and urged '
                                                              'ISP-level '
                                                              'detection '
                                                              'logic.',
                                         'media_statement': True,
                                         'public_disclosure': True},
              'containment_measures': ['Real-time detection via FastNetMon '
                                       'Advanced platform',
                                       'Automated mitigation within seconds'],
              'enhanced_monitoring': True,
              'incident_response_plan_activated': True,
              'on_demand_scrubbing_services': True},
 'title': 'Record-Scale 1.5 Gpps DDoS Attack Targeting Leading DDoS Scrubbing '
          'Vendor in Western Europe',
 'type': 'Distributed Denial-of-Service (DDoS) Attack'}