Cloudflare Blocks Record-Breaking 7.3 Tbps DDoS Attack – Source: www.infosecurity-magazine.com

The largest ever DDoS attack on record, reaching 7.3 Terabits per second (Tbps), was blocked by Cloudflare in Q2 2025.

This eclipses the previous largest DDoS attack observed, which Cloudflare recorded as 6.5Tbps in Q1 2025.

The 7.3Tbps attack lasted just 45 seconds, which Cloudflare warned is part of a pattern of threat actors increasingly relying on short, high intensity bursts.

“Threat actors often rely on brief bursts of concentrated traffic—sometimes lasting as little as 45 seconds as seen with the monumental 7.3 Tbps DDoS attack—in an attempt to avoid detection, overwhelm targets and cause maximum disruption before defenses can fully activate,” the firm wrote.

The company warned that hyper-volumetric DDoS attacks skyrocketed between April and June 2025, with the firm blocking 6500 such attacks, an average of 71 per day.

Additionally, the number of hyper-volumetric DDoS exceeding 100 million packets per second (pps) surged by 592% compared to the previous quarter, while the number exceeding 1 billion pps and 1Tbps doubled.

Hyper-volumetric attacks are defined as Layer 3/Layer 4 DDoS attacks exceeding 1 billion packets per second (Bpps) or 1 Tbps, and HTTP DDoS attacks exceeding 1 million requests per second (Mrps).

Despite the surge in hyper-volumetric attacks, the overall number of DDoS attacks dropped significantly in Q2 compared to Q1, from 20.5 million to 7.3 million.

Cloudflare revealed it blocked a total of 27.8 million DDoS attacks in the first six months of 2025, which is equivalent to 130% of all attacks it blocked in the full calendar year of 2024.

Significant Rise in Ransom DDoS

The report, dated July 16, found that the proportion of Cloudflare customers targeted by a ransom DDoS or were threatened, increased by 68% in Q2 compared to Q1.

Ransom DDoS occurs when attackers overwhelm a victim’s website with requests or traffic, and demanding a payment to stop the attack.

Most DDoS Attacks From Unknown Sources

Among organizations targeted by DDoS attacks in Q2, 71% revealed they didn’t know the identity of the attackers.

Of the remaining 29% who claimed to have identified the threat actor, 63% said it was a competitor, 21% identified state-sponsored attackers as the perpetrator and 5% said they had inadvertently attacked themselves.

The country which experienced the largest source of DDoS attacks was Indonesia, followed by Singapore, Hong Hong and Argentina. Ukraine and Russia made up the fifth and sixth highest sources, respectively.

The most attacked industries in Q2 were telecommunications, service providers and carriers. This was followed by the Internet sector, information technology and services, gaming and gambling.

Banking and financial services remained in sixth place from Q1, while retail went up one spot to seventh.