Cloudflare Blocks Record 7.3 Tbps DDoS Attack
Cloudflare has revealed that it blocked the largest Distributed Denial-of-Service (DDoS) attack ever recorded in mid-May 2025. The attack peaked at 7.3 terabits per second (Tbps), surpassing previously recorded threats.
This news follows the company's Q1 2025 DDoS threat report, released on April 27, which highlighted major attacks reaching 6.5 Tbps and 4.8 billion packets per second (pps).
The target was a hosting provider using Cloudflare's Magic Transit service to protect its IP network. Attacks on hosting and infrastructure providers are reportedly increasing, according to Cloudflare's threat report.
The 7.3 Tbps attack transferred 37.4 terabytes of data in just 45 seconds. This is equivalent to: Streaming 7,480 hours of HD video nonstop
Downloading 9.35 million songs in under a minute
Cloudflare's systems detected and blocked the attack automatically, ensuring zero service disruption.
The attack used a newly emerging method exploiting HTTP/2, a common web protocol. At its peak, it delivered over 200 million requests per second, aiming to overwhelm robust infrastructure.
Cloudflare reported that the attack: Targeted an average of 21,925 ports on a single IP address
Peaked at 34,517 destination ports per second
Originated from over 122,145 source IPs across 5,433 autonomous systems in 161 countries
About 50% of the traffic came from Brazil and Vietnam. Other sources included Taiwan, China, Indonesia, Ukraine, Ecuador, Thailand, the U.S., and Saudi Arabia.
The multivector attack was mostly composed of UDP floods, with smaller volumes of QOTD reflection, Echo, NTP, Mirai, Portmap, and RIPv1 amplification attacks.
To help providers respond to such threats, Cloudflare offers a free DDoS Botnet Threat Feed. Over 600 global organizations have subscribed to this API-based feed to identify abusive IPs within their networks.
Cloudflare confirmed that its DDoS protection systems neutralized the threat without human intervention, alerts, or incidents. The company emphasized its commitment to building a safer Internet and providing free, unmetered DDoS protection.
Cloudflare's global network spans over 300 cities in more than 100 countries. Its automated systems are designed to respond quickly and effectively to evolving cyber threats.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Channel Post MEA
3 days ago
- Channel Post MEA
MTN Business And Cloudflare Expand Partnership In South Africa
MTN Business, and Cloudflare have announced an expansion of its strategic partnership to deliver Zero Trust and Application Services as a managed service to corporate clients. MTN Business has become the first Managed Security Service Provider (MSSP) in South Africa to deliver Cloudflare's industry-leading Zero Trust cybersecurity solutions. The collaboration brings businesses in South Africa a comprehensive suite of managed solutions, leveraging MTN's connectivity expertise across the region with Cloudflare's global infrastructure and cybersecurity suite of solutions. Hybrid work complexities and a dynamic threat landscapes are challenging businesses across South Africa. In the second quarter of 2025, Cloudflare's security measures prevented an average of 277 million cyber threats in Africa every single day, with the top targeted industries being Telecommunications (49% of mitigated requests), followed by Banking/Financial Services/Insurance (22.7%), Retail (8.3%), Newspapers (3.3%), and Gaming/Gambling (3.2%). Moreover, Cloudflare blocked an average of 1.5 billion (4%) cyber attacks each day that were primarily classified as DDoS attacks originating in South Africa. Businesses across every sector are facing a rapidly evolving threat landscape which requires a comprehensive suite of solutions to safeguard their digital operations at all times. While Cloudflare's Application Services accelerate and secure web applications, the Cloudflare One Zero Trust services simultaneously verify access, securing connectivity to protect employees at every stage. Now partnering together to empower businesses in the region, MTN is extending Cloudflare's portfolio of services as managed services to work hand-in-hand with organizations of all types. As cyber threats evolve in scale and complexity, organizations should not have to rely on their own technical expertise to run and maintain a secure, efficient business. MTN and Cloudflare see businesses across the country seeking a one-stop-solution. Whether a small business or a large enterprise, organisations can now access scalable security solutions that align with their specific needs. Leveraging Cloudflare's industry-leading security and cloud connectivity, MTN Business will deliver the services at-scale, making managed services accessible to a broader market. A Cloudflare commissioned Forrester Consulting Total Economic Impact study focused on a composite organization representative of interviewed customers using Cloudflare, found that they achieved a 238% ROI over three years, from broad use of the Cloudflare platform. 'We are thrilled to be the first Cloudflare MSSP partner in South Africa. This collaboration enables us to bring best-in-class cybersecurity solutions to our customers, offering market-leading protection', said David Behr, Executive for MTN ICT Converged Solutions. 'Unlike outdated legacy architecture solutions, Cloudflare's connectivity cloud suite of solutions delivers unparalleled security, providing businesses the confidence to operate in an increasingly digital world.' 'Cloudflare is the only company offering a broad range of network security and SASE services through a unified platform built on our own infrastructure, delivering the most comprehensive set of managed solutions. Service providers like MTN are essential to extending critical security protections at scale, and we are thrilled to be partnering together to help protect businesses across Africa,' said Tom Evans, Chief Partner Officer at Cloudflare. 'As the demand for managed security services continues to rise, Cloudflare's connectivity cloud platform is uniquely positioned to enable partners to deliver cost-effective, consolidated cybersecurity. By combining our platform with MTN's regional expertise, we're committed to strengthening the security posture and consolidating costs for businesses across Africa.' Cloudflare's connectivity cloud integrates seamlessly with existing IT infrastructures, allowing businesses to enhance their security and operational efficiency without disruption. Today, South African businesses can leverage the MTN and Cloudflare partnership to strengthen their digital environments, and will soon be extended to additional African markets across the continent.
TECHx
04-08-2025
- TECHx
Cloudflare Reports Record-Breaking DDoS Attacks in Q2 2025
Home » Emerging technologies » Cyber Security » Cloudflare Reports Record-Breaking DDoS Attacks in Q2 2025 Cloudflare, Inc., the security, performance, and reliability company, has announced its Q2 2025 DDoS report. The report revealed key insights and emerging trends across the global DDoS threat landscape. According to Cloudflare, Q2 saw a surge in hyper-volumetric DDoS attacks. The company automatically blocked its largest attacks ever recorded peaking at 7.3 terabits per second (Tbps) and 4.8 billion packets per second (Bpps). In total, Cloudflare mitigated 7.3 million DDoS attacks in Q2. This marked a drop from 20.5 million in Q1, which included a major 18-day attack campaign. Still, Q2 figures were 44% higher compared to the same period in 2024. Cloudflare reported over 6,500 hyper-volumetric DDoS attacks this quarter, averaging 71 per day. These included: L3/4 DDoS attacks exceeding 1 Tbps or 1 Bpps HTTP DDoS attacks exceeding 1 million requests per second (Mrps) While overall attack numbers declined, HTTP DDoS attacks increased 9% to 4.1 million. Layer 3/4 attacks, however, dropped 81% to 3.2 million. The Telecommunications sector was the most targeted industry. Other affected sectors included Internet, IT & Services, Gaming, and Banking. Top targeted countries by billing location were China, Brazil, Germany, India, and South Korea. Vietnam, Russia, and Azerbaijan also saw significant increases. Cloudflare noted that 71% of respondents were unsure of the threat actor. Of the rest: 63% blamed competitors, especially in Gaming, Gambling, and Crypto 21% pointed to state-level actors 5% each cited self-DDoS, extortionists, or disgruntled users Ransom DDoS attacks also rose. The number of affected Cloudflare customers jumped 68% from Q1 and 6% from Q2 2024. Cloudflare revealed that botnets launched 71% of HTTP DDoS attacks. For L3/4, DNS floods remained the top vector, followed by SYN and UDP floods. The report also highlighted emerging threats: Teeworlds flood attacks rose 385% RIPv1 floods increased 296% RDP floods climbed 173% Demon Bot and VxWorks floods also surged Most DDoS attacks remained small. About 94% of L3/4 attacks were below 500 Mbps, and 85% stayed under 50,000 packets per second. However, hyper-volumetric attacks are rising. Six out of every 100 HTTP DDoS attacks exceeded 1 million requests per second. Bashar Bashaireh, AVP Middle East, Türkiye & North Africa at Cloudflare, commented, 'The Q2 data highlights how quickly the DDoS threat landscape is evolving. Attackers are launching faster, shorter, and more aggressive campaigns.' Cloudflare emphasized the importance of always-on protection. The company remains focused on delivering unmetered, automated DDoS protection that scales with modern threats.
Zawya
03-08-2025
- Zawya
Netscout empowers customers to defeat cyberthreats with AI-powered DDoS defense
Dubai, UAE – NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT), a leading provider of observability, AIOps, cybersecurity, and DDoS attack protection solutions, today announced new AI-backed enhancements to its NETSCOUT Arbor Edge Defense and NETSCOUT Arbor Enterprise Manager Adaptive Distributed Denial of Services (DDoS) solution to help customers further automate operations, enhance defense, and improve reporting. These powerful enhancements leverage AI to intelligently automate defenses against an expanding array of attack vectors, enabling customers to accelerate their response to DDoS attacks to better protect their most critical applications and services. The Arbor Edge Defense and Arbor Enterprise Manager solution utilizes the ATLAS Intelligence Feed, derived from monitoring over 700 Tbps of Internet traffic in real-time across over 500 ISPs and 2,000 enterprise sites from over 100 countries, representing approximately 50% of global Internet activity at any given time. AI/ML algorithms run in the ATLAS cloud infrastructure as part of a unique data collection and analysis pipeline that delivers actionable intelligence to NETSCOUT solutions that are constantly updated. ATLAS Intelligence Feed fuels all Arbor DDoS protection products with intelligence on devices that are actively conducting DDoS attacks or are a part of specific DDoS attack infrastructures and botnets. This allows up to 80% of all DDoS attacks to be mitigated without the need for further analysis. 'IT buyers' security concerns signal a growing demand for integrated application protection and availability technologies to identify and mitigate DDoS threats,' said Chris Rodriguez, research director, security and trust, International Data Corporation (IDC). 'According to IDC buyer research conducted in April 2025, 41% of organizations stated that online attacks, including DDoS incidents, cost over $100,000 in damage, with 5% stating more than $1 million. With the increased use of AI/ML to launch cyber-attacks, organizations need to invest in intelligent solutions to continuously detect new attack types and threats to avoid costly damage to critical IT infrastructure.' The new enhancements to the Arbor Edge Defense and Arbor Enterprise Manager solution include new features to support deployment in demanding multi-site enterprise environments, and further automate the mitigation of sophisticated DDoS attacks: Strengthened data segmentation through scoped user access that allows administrators to limit the visibility of specific operations teams to specific defended locations and infrastructures. Automated IP protocol flooding detection and mitigation to block these evolving attacks when they occur. Enhanced DDoS dashboard that provides more detailed information, enabling even greater visibility and control for operations teams, even when defenses are automated. On-demand, automated reports ease the flow of information across security teams and their management. 'We're continually innovating to stay ahead of the growing array of DDoS cybersecurity threats as part of our Adaptive DDoS Protection strategy,' said Scott Iekel-Johnson, area vice president, DDoS and threat intelligence at NETSCOUT. 'With these enhancements, we're helping customers intelligently automate their defenses—delivering stronger protection against evolving DDoS attacks while simplifying how they manage and analyze threats.' Visit our website to learn more about our award-winning Adaptive DDoS Protection solutions. About NETSCOUT NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) protects the connected world from cyberattacks and performance and availability disruptions through its unique visibility platform and solutions powered by its pioneering deep packet inspection at scale technology. NETSCOUT serves the world's largest enterprises, service providers, and public sector organizations. Learn more at or follow @NETSCOUT on LinkedIn, X, or Facebook. ©2025 NETSCOUT SYSTEMS, INC. All rights reserved. Third-party trademarks mentioned are the property of their respective owners. Editorial Contacts: Active DMC for NETSCOUT netscoutme@
