Internet Shaken by Massive 7.3 Tbps DDoS Assault, Sending 4.8 Billion Packets Every Second

Cybersecurity firm Cloudflare has reported blocking the largest distributed denial-of-service (DDoS) attacks ever recorded during the second quarter of 2025, with one devastating assault reaching 7.3 terabits per second (Tbps) and generating 4.8 billion packets per second.

The attack, lasting just 45 seconds, marks a new milestone in the escalating cyber threat landscape, which continues to target critical internet infrastructure worldwide.

Hyper-Volumetric Attacks Surge to Unprecedented Levels

The second quarter of 2025 witnessed an explosion in hyper-volumetric DDoS attacks, with Cloudflare automatically blocking over 6,500 such incidents, averaging 71 attacks per day.

These massive assaults include Layer 3/4 attacks exceeding 1 billion packets per second or 1 Tbps, alongside HTTP attacks surpassing 1 million requests per second.

Despite an overall decrease in total DDoS attacks to 7.3 million in Q2 (down from 20.5 million in Q1), the attacks have grown significantly more powerful.

The number of attacks exceeding 100 million packets per second surged by 592% compared to the previous quarter, while those exceeding 1 billion packets per second and 1 Tbps doubled.

June emerged as the most active month for DDoS activity, accounting for nearly 38% of all observed attacks.

One notable incident involved an independent Eastern European news outlet that was targeted after it covered a local Pride parade during LGBTQ Pride Month.

Evolving Attack Vectors and Botnet Sophistication

The threat landscape has shifted dramatically toward virtual machine-based botnets, which researchers estimate to be 5,000 times more potent than traditional IoT-based botnets.

In Q2 2025, 71% of HTTP DDoS attacks were launched by known botnets, with German-based Drei-K-Tech-GmbH (AS200373) emerging as the top source network.

DNS flood attacks dominated Layer 3/4 vectors, accounting for nearly one-third of all network-layer DDoS attacks, followed by SYN floods at 27%.

Meanwhile, emerging threats showed dramatic increases, with Teeworlds flood attacks jumping 385% quarter-over-quarter and RIPv1 floods surging 296%.

Critical Infrastructure Under Sustained Pressure

The telecommunications sector bore the brunt of attacks, with telecommunications service providers and Carriers claiming the top spot as the most targeted industry.

Ransom DDoS attacks also increased significantly, with 68% more customers reporting threats compared to the previous quarter.

Indonesia topped the list of attack sources, followed by Singapore and Hong Kong; however, experts emphasize that these rankings reflect botnet node locations rather than actual threat actor origins.

The attacks were automatically detected and blocked by Cloudflare’s autonomous defense systems, protecting customers across more than 330 cities worldwide.