257/68 Thursday, July 17, 2025
Cloudflare has released its Q2 2025 threat report, revealing that it mitigated over 7.3 million Distributed Denial-of-Service (DDoS) attacks during the quarter. Although this marks a drop from 20.5 million attacks in Q1, the severity of attacks has sharply increased. Notably, “hyper-volumetric DDoS” attacks-those involving massive data volumes-rose to 6,500 incidents, averaging 71 per day. One of the largest observed attacks peaked at 7.3 Tbps and 4.8 billion packets per second, lasting only 45 seconds. These escalating threats prompted Cloudflare to enhance its monitoring and evolve its defensive strategies accordingly.
The report highlights that attackers are combining massive traffic floods with stealthy reconnaissance techniques to exploit vulnerable systems. Technically, Layer 3/4 attacks dropped 81% to 3.2 million, while HTTP-based DDoS attacks increased by 9% to 4.1 million, with over 70% originating from botnets. Common attack vectors included DNS floods, TCP SYN floods, and UDP floods, mainly targeting telecom providers, ISPs, online gaming platforms, and gambling websites. Based on customer telemetry, the most targeted countries were China, Brazil, Germany, India, South Korea, Turkey, Hong Kong, Vietnam, Russia, and Azerbaijan, while most attacks originated from Indonesia, Singapore, Argentina, and Ukraine.
One alarming trend is the 68% rise in ransom DDoS attacks, where hackers threaten or launch DDoS assaults unless a ransom is paid. In some cases, the ransom demand follows an initial wave of attacks. Additionally, a new botnet strain called “DemonBot” has emerged, spreading through unprotected IoT devices-often via open ports or weak default passwords-to launch UDP, TCP, and application-layer attacks. These are particularly effective against gaming networks, web hosting services, and enterprise platforms. Cloudflare urges users to update firmware, use strong passwords, and deploy domain filtering or anti-malware solutions regularly to reduce the risk of becoming part of large-scale botnet operations in the future.
Source https://thehackernews.com/2025/07/hyper-volumetric-ddos-attacks-reach.html
