432/68 Thursday, October 30, 2025
A new report from cybersecurity company Netscout has revealed the discovery of “Aisuru”, a next-generation botnet evolved from the Mirai malware family. Aisuru was behind several massive Distributed Denial of Service (DDoS) attacks in October 2025, reaching an unprecedented 20 terabits per second (Tbps) and more than 4 trillion packets per second (gpps). The primary targets were major online gaming service providers.
Classified as part of the “TurboMirai-class”, Aisuru exhibits highly advanced attack capabilities. Its network relies on compromised IoT devices such as home routers, CCTV/DVRs, and customer-premises equipment (CPE), which are conscripted into large-scale attacks. In addition to DDoS-for-hire services, Aisuru also supports credential stuffing, AI-powered web scraping, and spam/phishing distribution. While it avoids targeting government and military entities, its collateral impact has been severe, with broadband ISPs overwhelmed by outbound traffic from infected customer devices exceeding 1.5 Tbps.
One notable aspect of Aisuru’s activity is its high-pps attack capability (over 4 gpps), powerful enough to crash processing cards in large network routers. However, the report highlights that Aisuru lacks IP spoofing functionality, which allows network providers to trace attacks back to the infected devices and take corrective action.
Netscout recommends that ISPs and network operators closely monitor inbound, outbound, and internal DDoS traffic, deploy Intelligent DDoS Mitigation Systems (IDMS), and urgently patch vulnerable endpoint devices to reduce the scale and impact of such large-scale attacks.
Source https://securityaffairs.com/183969/malware/aisuru-botnet-is-behind-record-20tb-sec-ddos-attacks.html
