Internet security provider Cloudflare said that it has recently blocked the largest DDoS attack in recorded history, with one of its clients being targeted by a massive cyber assault that saw its IP address flooded with 7.3 Tbps of junk traffic. The total amount of data sent to the target was 37.4 terabytes, which might not seem incredible at first glance, says The Cloudflare Blog. However, the speed at which the amount of data is served is astounding, as it was all sent over in less than a minute. In context, 37.4TB translates roughly to 9,350 high-definition movies, over 9 million songs, or 12.5 million photos — transferred in just 45 seconds.
The attackers used multiple attack vectors, primarily exploiting User Datagram Protocol (UDP for its quick delivery method versus the usual TCP that most internet traffic uses. UDP is preferred in applications that require real-time response, such as video streaming, online gaming, and virtual meetings. That’s because it does not wait for the two devices talking over the internet to have a proper handshake. Instead, it sends the data and hopes the other party receives it. Because of this, UDP flood attacks are one of the most common tools in DDoS campaigns.
Because of this, the perpetrators could simply send traffic to all the ports on their target. Since the target must respond to each query, it would soon overwhelm its resources, especially with the massive amount of information transferred in this incident.
The threat actors also used reflection attacks to supplement their main push. This is also called a reflection/amplification attack, as it spoofs the target’s IP address and then requests information from a third-party, which can be a Network Time Protocol service or through the Quote of the Day (QOTD) or Echo protocols. The third party would then respond with the appropriate data and send it to the victim's address. If the attacker sends enough requests, it could overwhelm the target IP unless it uses proper protection.
Unfortunately, this isn’t the first time a record-breaking DDoS attack has happened recently. Microsoft was hit with a record-breaking 3.47 Tbps DDoS attack in January 2022, but this was surpassed in October 2024 with a 5.6 Tbps attack on an internet provider in East Asia. April 2025 again saw another massive attack, with a 6.5 Tbps assault lasting almost 49 seconds, which Cloudflare reported.
Although there are already protections to prevent DDoS attacks from knocking out servers and websites, many threat actors still use botnets with access to tens, if not hundreds, of thousands of compromised devices. After all, this is a relatively cheap and easy way of testing a target’s defenses, with some even using it to extort online businesses so that such attacks would not target them.
Follow Tom's Hardware on Google News to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button.
