Largest Recorded DDOS Attacks Of All Time Thwarted
Cloudflare has reported the greatest DDOS attack ever recorded to date. With a peak output of 7.3 terabit per second, the attack clearly exceeds the previous record brand. The development of the threat is progressing rapidly.
New record for cyber attacks
The threat of cyber attacks is getting bigger. Above all, the number of DDOS attacks recently increased massively. It is also increasingly to meet services such as the Internet archives and large companies such as Microsoft. Now the world of cyber threats has also reached a new climax. Because how Cloudflare reported in May 2025 a hosting provider was the goal of the DDOS attack (Distributed Denial of Service) ever recorded so far. T
he attack reached a top performance of 7.3 terabits per second and provided around 37.4 terabytes of data within just 45 seconds. This corresponds to about 9,350 HD films, 12.5 million JPEG photos or around 7,480 hours of music streaming-everything within a few minute.
The attackers used a technique known as “Carpet Bombing”. They aimed at an average of 21,925 target ports of a single IP address of the affected hosting provider, with a tip of 34,517 ports per second. This tactics of the spread of data traffic serves to overload firewall or intrusion detection systems and to avoid their defense mechanisms.
Cloudflare as a protective shield
Cloudflare was able to ward off the attack. The attack exceeded the previous record by about twelve percent. It was only in April 2025 that Cloudflare had defended a 6.5 TBPS attack, which probably assumed the Eleven11Bot botnet. The current attack came from over 122,145 source IP addresses from 161 countries, with most attacks from Brazil, Vietnam, Taiwan, China, Indonesia and Ukraine.
The Brazilian telecommunications provider Telefonica Brazil was responsible for 10.5 percent of the total DDOS attack traffic, closely followed by the Viettel Group with 9.8 percent. Infographics Computer crime: Where cyber attacks have their origin
The anatomy of modern DDOS attacks
The majority of the attack (99.996 percent) was carried out in the form of UDP packages (user DataGram Protocol). UDP-based transmissions are usually used for time-critical communications such as video playback, gaming applications and DNS queries. In contrast to the more common Control Protocol transmission, UDP does not wait for connection production and does not check whether data is properly received.
In addition to UDP, the attack also used various reflection and reinforcement vectors, including QOTD reflection (quote of the day protocol), echo reflection, NTP reinforcement (Network Time Protocol), Portmap-Flood and RIPV1 reinforcement. This combination of various attack vectors indicates a highly developed and well -coordinated attack.
Ever larger attacks
The continuous increase in the DDOS attack strength is alarming. In January 2022, an attack with 3.47 TBPs defended by Microsoft was considered a record. In October 2024, this was exceeded by a 5.6 TBP attack on an internet provider in East Asia before the 6.5 TBP mark was reached in April 2025. This development shows a doubling of the attack strength within just three years. Experts suspect that one or more Mirai-based bot nets were involved in the current record attack.
Such bot nets typically consist of compromised home routers, webcams and other IoT devices. The original Mirai botnet was discovered in 2016 and was responsible for several large DDOS attacks, including the attack on the DNS provider Dyn, which paralyzed large parts of the Internet.
