On October 24, 2025, Microsoft Azure faced a record-breaking DDoS attack that peaked at 15.72 Tbps, targeting a single endpoint in Australia. The Aisuru botnet, responsible for this assault, has infected around 700,000 IoT devices, including home routers and security cameras. Microsoft’s global protection system successfully mitigated the attack, keeping customer services online despite the overwhelming flood of traffic. This incident highlights the growing threat posed by Aisuru, which has previously been linked to other massive DDoS incidents, including a 22.2 Tbps attack in September 2025 and a 6.3 Tbps attack on cybersecurity site KrebsOnSecurity. Aisuru’s operators strategically avoid high-profile targets like government and military sites to maintain operational security. The botnet has evolved beyond simple DDoS-for-hire services, now renting out infected devices as residential proxies. This shift allows cybercriminals to mask their activities, making malicious traffic appear legitimate. The use of these proxies has become a lucrative business, contributing to aggressive data harvesting and content scraping, as seen in the recent lawsuit by Reddit against proxy providers for enabling mass user data scraping. The infection methods often involve SDKs embedded in apps, which covertly convert user devices into traffic relays. This trend underscores a significant security issue: poorly secured IoT devices at home are increasingly being weaponized, posing risks not just to internet infrastructure but also to the unsuspecting users who own these devices.