Yet Another Record-Breaking DDoS Botnet Attack Was Just Reported by Cloudflare

Writer: Jordan Sprogis

Jordan Sprogis, Contributing Expert

Jordan Sprogis is a creative writer and tech researcher who has been working on online content for the better part of a decade. She holds a bachelor's degree in professional writing from Western Connecticut State University and has devoted much of her career to crafting content for various web verticals, including CyberSpyder and The Echo. Since joining HostingAdvice, Jordan has combined her storytelling ability with her fascination for advancements in technology to pen over 500 articles geared toward industry pros and newcomers alike.

Editor: Lillian Castro

Lillian Castro, Senior Editor

Lillian Castro brings more than 30 years of editing and journalism experience to our team. She has written and edited for major news organizations, including The Atlanta Journal-Constitution and the New York Times, and she previously served as an adjunct instructor at the University of Florida. Today, she edits HostingAdvice content for clarity, accuracy, and reader engagement.

Reviewer: Cristian Lopez

Cristian Lopez, News Manager

Cristian Lopez uses his Business Marketing background from the University of Illinois at Chicago to create comfortable environments for customers, clients, and colleagues to share their thoughts and ideas openly. From interviewing tech leaders to conducting UX market research projects, Cristian knows the importance of storytelling — a key variable for innovation and inspiration. His goal at HostingAdvice is to wow readers on the ever-evolving nature of the tech industry and bring his audience the most reliable and exciting content on all things hosting.

Follow the HostingAdvice team for a daily dose of tech news, trending IT discussions, and interviews with the web's most innovative technologists.
Follow Us:
1k
1k

Cloudflare recently blocked yet another massive 40-second DDoS botnet attack at 22 terabits per second (Tbps) — a record-breaking number. The attack on Sept. 24 comes just weeks after Cloudflare reported the largest DDoS attack it had seen up to that point, peaking at 11.5 Tbps and lasting around 35 seconds.

While these floods don’t always knock targets fully offline, their scale alone should have the entire internet infrastructure industry on alert. When botnets nearly double their record attack volume in less than a month, it’s yet another reminder that the bar for DDoS defense has just been raised — again.

Some Defenses Are Struggling

Cloudflare took to X to update the masses on the 22 Tbps attack that occurred on Sept. 24: “Cloudflare just autonomously blocked hyper-volumetric DDoS attacks twice as large as anything seen on the Internet before — peaking at 22.2 Tbps & 10.6 Bpps. Can your mitigation provider’s scrubbing capacity handle that scale?”

It’s a fair question: The Sept. 24 attack originated from a massive botnet and surged to 10.6 billion packets per second (Bpps). And yet, Cloudflare’s data shows that it’s not just about higher volume, but about the pace. A 22 Tbps peak today could look small a year from now if attackers continue to expand their botnets and refine their tactics. (And they most certainly will.)

For hosts, there’s a classic challenge because, for every new record, that means there are higher costs to maintain mitigation. It’ll be especially pressing on shared infrastructure (multi-tenant hosting and reseller platforms) with guaranteed SLAs.

Cloudflare graph of DDoS attack
The Sept. 24 attack lasted 40 seconds at 22 Tbps per second. Source: Cloudflare

Further research by Qrator Labs shows attackers are changing their DDoS tactics, not just scaling volume: In Q2 2025, application-layer (L7) attacks spiked 74% year over year, compared with 43% growth at the network layer.

ResearchGate’s answer to this is layered defenses, which means blending human expertise with AI-driven detection.

This particular study compared traditional signature methods, anomaly detection, and machine learning, finding that ML delivered the highest detection accuracy (around 95%) but also introduced challenges with scalability and false positives, which is where human expertise comes in.

It’s as Arun Kumar, Senior Security Researcher at Fastly, told HostingAdvice: “You can’t secure what you can’t see, and without clear verification standards, AI-driven automation risks are becoming a blind spot for digital teams.”

If there’s anything to take from Cloudflare’s findings, it’s that DDoS defense isn’t something you set and forget. The attacks are evolving too quickly, so whether hosts have built their own stack or lean on a trusted vendor, they need to keep a close eye on what’s going on in today’s landscape.

About the Author

Contributing Expert

Jordan Sprogis is a creative writer and tech researcher who has been working on online content for the better part of a decade. She holds a bachelor's degree in professional writing from Western Connecticut State University and has devoted much of her career to crafting content for various web verticals, including CyberSpyder and The Echo. Since joining HostingAdvice, Jordan has combined her storytelling ability with her fascination for advancements in technology to pen over 500 articles geared toward industry pros and newcomers alike.

« BACK TO: BLOG

Meet the Experts

Our team of experts with a combined 50+ years of experience in web hosting serve insight and advice to more than 20 million users!

We Know Hosting

$

4

8

,

2

8

3

spent annually on web hosting!