Red Hot Cyber
Cybersecurity, Cybercrime News and Vulnerability Analysis
A massive DDoS attack was neutralized by Microsoft Azure on October 24. A single endpoint located in Australia was targeted by the attack, which reached a maximum speed of 15.72 terabits per second (Tbps) and involved handling nearly 3.64 billion packets per second.
Azure’s automated DDoS defense system quickly responded, ensuring zero downtime for affected customer workloads thanks to its ability to filter malicious traffic. The attack, which lasted several hours, was launched by the notorious Aisuru botnet, a variant of the Mirai malware that has become a common element in the DDoS attack arsenal.
Recall that Cloudflare recently neutralized a massive attack, reaching an unprecedented peak of 22.2 terabits per second (Tbps) and 10.6 billion packets per second, setting a new and alarming benchmark for the scale of cyber threats.
Aisuru primarily infects vulnerable Internet of Things (IoT) devices, such as home routers and security cameras , turning them into massive zombie armies. In this case, the botnet mobilized over 500,000 unique source IP addresses of residential Internet Service Providers (ISPs) in the United States and other regions.
The attacks consisted of high-speed User Datagram Protocol (UDP) floods, targeting a specific public IP address, using minimal source IP spoofing and random ports to evade easy detection and tracing.
Azure’s response leveraged its globally distributed scrubbing centers, which cleaned traffic in real time and redirected clean packets to the victim. “Our continuous monitoring and adaptive mitigation capabilities were critical to neutralizing this unprecedented volume without impacting service,” Microsoft said .
As the holiday shopping season approaches, online security specialists are recommending that companies strengthen their defenses for internet-connected applications. “Before you fall victim to an attack, you should assess your own resilience,” suggests Sarah Lin, a threat expert at a well-known security firm.
Follow us on Google News to receive daily updates on cybersecurity. Contact us if you would like to report news, insights or content for publication.
