Imagine a digital storm, a massive 15.72 terabits per second DDoS attack, the largest ever seen in the cloud, and Microsoft was there to weather it! But here’s the twist: this wasn’t just any attack, it was driven by a powerful botnet called AISURU, a force to be reckoned with in the world of IoT-based attacks.
Microsoft’s security team, led by Sean Whalen, revealed that this attack was an extreme UDP flood aimed at a single IP address in Australia, launched from over 500,000 source IPs across various regions. The attack was so intense that it nearly reached 3.64 billion packets per second!
But who was the target? That remains a mystery.
The AISURU botnet, powered by almost 300,000 infected devices, primarily routers, security cameras, and DVR systems, has been linked to some of the biggest DDoS attacks in history. NETSCOUT, in a recent report, classified this botnet as having a restricted clientele, with operators reportedly avoiding attacks on governmental, law enforcement, and military targets. Instead, most of their attacks seem to be focused on online gaming platforms.
And here’s where it gets controversial: AISURU isn’t just about DDoS attacks. It’s a multi-purpose tool, capable of facilitating other illicit activities like credential stuffing, AI-driven web scraping, spamming, and phishing. It even incorporates a residential proxy service, making it a versatile threat.
Microsoft warns that attackers are evolving with the internet itself. As internet speeds increase and IoT devices become more powerful, the potential for larger and more devastating attacks grows.
This disclosure comes at a time when NETSCOUT is also tracking another TurboMirai botnet, Eleven11 (or RapperBot), which has launched thousands of DDoS attacks using hijacked IoT devices. Some of the botnet’s command-and-control servers are registered with the “.libre” TLD, part of OpenNIC, an alternative DNS root.
The question remains: how can we protect ourselves from these evolving threats? And this is the part most people miss: it’s not just about defending against DDoS attacks, but also about securing our IoT devices and being vigilant against other forms of cyberattacks.
What do you think? Are we doing enough to secure our digital world? Share your thoughts in the comments below!