← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Aisuru botnet: Early October attacks escalate into record-setting DDoS activity
The Aisuru botnet, a notably advanced Internet of Things (IoT)-based threat, has rapidly expanded to approximately 500,000 compromised devices, doubling in size within a month. The botnet employs a multifaceted infection strategy, which may include a firmware supply-chain compromise, to grow its network. By late October 2025, Aisuru had executed one of the largest and most sustained DDoS (Distributed Denial of Service) attacks on record, detected by Cloudflare. The attack involved a diverse array of devices, such as routers, DVRs, internet-connected cameras, and firewall appliances.
Cloudflare's analysis highlights a significant surge in hyper-volumetric DDoS attacks, primarily characterized by UDP (User Datagram Protocol) flood techniques. The DDoS attack record escalated dramatically from 4.2 Tbps in October 2024 to an unprecedented 29.7 Tbps just a year later-a staggering increase of 707%.
MITRE ATT&CK & Malware Families
Indicators of Compromise (44)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 5b1b228bb0d1ebf3ef477141013b7a86 | MD5 of 08717d85a8a296279c2d2b792a33714d216a9de1950173d603222f78da9b9ca5 | 2025-12-21 | |
| FileHash-SHA1 | 053a0abe0600d16a91b822eb538987bca3f3ab55 | SHA1 of 08717d85a8a296279c2d2b792a33714d216a9de1950173d603222f78da9b9ca5 | 2025-12-21 | |
| FileHash-SHA256 | 08717d85a8a296279c2d2b792a33714d216a9de1950173d603222f78da9b9ca5 | — | 2025-12-21 | |
| domain | tiananmensquare1989.su | — | 2025-12-21 | |
| hostname | dvrxpert.tiananmensquare1989.su | — | 2025-12-21 | |
| FileHash-MD5 | 1f4eccfecef1ddf7c35d2f55c70550ee | MD5 of 50d3806f47d3f701d5f1f93bf39f827f936e3d1f43fa2cd8408db9655d53fb83 | 2025-12-21 | |
| FileHash-MD5 | 4e8ca1efff2e4b79fb7db95d3971caaa | MD5 of 201d872e05f45062f3b18f1cb2bca7d5fe3811e7e6d4b8616d565a011fba091d | 2025-12-21 | |
| FileHash-MD5 | 72616e99230dab898ba193741a0b5d35 | MD5 of 7a5a5c813d636d96906fb4bf8f76c7f296a467dca756e92450f32dc69d781b71 | 2025-12-21 | |
| FileHash-MD5 | bf06011784990b3cca02fe997ff9b33d | MD5 of 90e3b997161e33c6485b48182073a864dd3d0775ab96cadbf1b7c9dd4821c6d1 | 2025-12-21 | |
| FileHash-SHA1 | 08e9620a1b36678fe8406d1a231a436a752f5a5e | SHA1 of 7a5a5c813d636d96906fb4bf8f76c7f296a467dca756e92450f32dc69d781b71 | 2025-12-21 | |
| FileHash-SHA1 | 09894c3414b42addbf12527b0842ee7011e70cfd | SHA1 of 90e3b997161e33c6485b48182073a864dd3d0775ab96cadbf1b7c9dd4821c6d1 | 2025-12-21 | |
| FileHash-SHA1 | 26e9e38ec51d5a31a892e57908cb9727ab60cf88 | SHA1 of 201d872e05f45062f3b18f1cb2bca7d5fe3811e7e6d4b8616d565a011fba091d | 2025-12-21 | |
| FileHash-SHA1 | 616a3bef8b0be85a3c2bc01bbb5fb4a5f98bf707 | SHA1 of 50d3806f47d3f701d5f1f93bf39f827f936e3d1f43fa2cd8408db9655d53fb83 | 2025-12-21 | |
| FileHash-SHA256 | 201d872e05f45062f3b18f1cb2bca7d5fe3811e7e6d4b8616d565a011fba091d | — | 2025-12-21 | |
| FileHash-SHA256 | 50d3806f47d3f701d5f1f93bf39f827f936e3d1f43fa2cd8408db9655d53fb83 | — | 2025-12-21 | |
| FileHash-SHA256 | 7a5a5c813d636d96906fb4bf8f76c7f296a467dca756e92450f32dc69d781b71 | — | 2025-12-21 | |
| FileHash-SHA256 | 90e3b997161e33c6485b48182073a864dd3d0775ab96cadbf1b7c9dd4821c6d1 | — | 2025-12-21 | |
| domain | 14emeliaterracewestroxburyma02132.su | — | 2025-12-21 | |
| domain | 6mv1eyr328y6due83u3js6whtzuxfyhw.su | — | 2025-12-21 | |
| domain | dvrinside.net | — | 2025-12-21 | |
| domain | feds2door.su | — | 2025-12-21 | |
| domain | ilovegaysex.su | — | 2025-12-21 | |
| domain | updatetoto.tw | — | 2025-12-21 | |
| hostname | 2.tiananmensquare1989.su | — | 2025-12-21 | |
| hostname | a.6mv1eyr328y6due83u3js6whtzuxfyhw.su | — | 2025-12-21 | |
| hostname | approach.dvrinside.net | — | 2025-12-21 | |
| hostname | approach.ilovegaysex.su | — | 2025-12-21 | |
| hostname | arf.santasbigcandycane.ru | — | 2025-12-21 | |
| hostname | ballsack.14emeliaterracewestroxburyma02132.su | — | 2025-12-21 | |
| hostname | busybox.feds2door.su | — | 2025-12-21 | |
| hostname | coerece.dvrinside.net | — | 2025-12-21 | |
| hostname | coerece.ilovegaysex.su | — | 2025-12-21 | |
| hostname | epson.ilovegaysex.su | — | 2025-12-21 | |
| hostname | eviate-lives-at.14emeliaterracewestroxburyma02132.su | — | 2025-12-21 | |
| hostname | lane.dvrinside.net | — | 2025-12-21 | |
| hostname | lane.ilovegaysex.su | — | 2025-12-21 | |
| hostname | ministry.dvrinside.net | — | 2025-12-21 | |
| hostname | ministry.ilovegaysex.su | — | 2025-12-21 | |
| hostname | nfs.santasbigcandycane.ru | — | 2025-12-21 | |
| hostname | re.santasbigcandycane.ru | — | 2025-12-21 | |
| hostname | s.cuckstudios.su | — | 2025-12-21 | |
| hostname | stevenfromcoinbase.fk3.su | — | 2025-12-21 | |
| hostname | testlmaololwtf.tiananmensquare1989.su | — | 2025-12-21 | |
| URL | http://209.38.218.0 | — | 2025-12-21 |