Last year, there were 47.1 million distributed denial-of-service (DDoS) attacks worldwide, the most on record. The number of attacks more than tripled in two years.
According to Cloudflare's "Q4 2025 DDoS threat report" released on the 11th, the number of DDoS attacks surged 236% between 2023 and 2025. Last year, Cloudflare blocked an average of 5,376 DDoS attacks per hour. That was up 121% from a year earlier.
Of the DDoS attacks Cloudflare mitigated, 3,925 were network-layer DDoS attacks and 1,451 were HTTP DDoS attacks. In particular, network-layer attacks surged more than threefold, from 11.4 million in 2024 to 34.4 million last year.
The report said a so-called "Christmas Eve" DDoS attack campaign led by the Aisuru-Kimwolf botnet stood out in scale and speed among last year's DDoS attacks. On Dec. 19 last year, the botnet unleashed a large volumetric HTTP DDoS attack targeting Cloudflare customers as well as the Cloudflare dashboard and infrastructure. The attack rate exceeded 200 million requests per second (rps), the report said.
A botnet (a portmanteau of robot and network) is a so-called "zombie device army" made up of devices infected with malware, moving on an attacker's command. The Aisuru-Kimwolf botnet is estimated to consist of about 1 million to 4 million infected devices, including Android TVs. The report explained, "This is a scale capable of executing DDoS attacks that can paralyze critical infrastructure, take most existing cloud-based DDoS defense solutions down, and disrupt connectivity across an entire nation."
During the campaign, the peak rates of large volumetric DDoS attacks recorded were 9 billion packets per second, 24 trillion bits per second, and 205 million packets per second. According to Cloudflare, a DDoS attack of 205 million packets per second is comparable to the combined populations of the United Kingdom, Germany, and Spain all typing a website address and hitting "enter" at the exact same moment. During the campaign, there were a total of 902 ultra-large attacks, averaging 53 per day.
The report said, "Large volumetric DDoS attacks grew 700% last year from a year earlier," adding, "One of them reached 31.4 trillion bits per second in just 35 seconds, the largest attack on record."
By industry, telecommunications was hit by the most DDoS attacks. Information technology (IT) ranked second, gambling and casinos third, and gaming fourth. Cloudflare analyzed, "The most-targeted industries either play a critical infrastructure role or are highly financially sensitive to service outages or delays."