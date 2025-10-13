IoT, Threat Intelligence

US ISP-hosted IoT devices fuel Aisuru DDoS botnet

DDoS

(Adobe Stock Images)

The Aisuru distributed denial-of-service botnet's record-breaking attack last week that peaked at 29.6 Tbps has been primarily driven by breached Internet of Things devices on U.S. internet service providers, KrebsOnSecurity reports.

U.S.-based ISPs accounted for nearly a dozen of the 20 foremost traffic sources for the Aisuru botnet's DDoS intrusions, led by AT&T customers and followed by systems on Charter Communications, Comcast, T-Mobile, and Verizon, according to Global Secure Layer Principal Security Engineer Steven Ferguson. Ferguson, whose company's TCPShield DDoS protection service was also targeted by Aisuru, noted the extensive impact of the botnet's attacks. "For instance we have seen 500 gigabits of traffic via Comcasts network alone. This amount of egress leaving their network, especially being so US-East concentrated, will result in congestion towards other services or content trying to be reached while an attack is ongoing," said Ferguson. Meanwhile, Aisuru's growth was noted by Netscout Principal Engineer Roland Dobbins to necessitate "effective and universal outbound DDoS attack suppression."

