Cloudflare Blocks Record 7.3 Tbps DDoS Attack
Home » Emerging technologies » Cyber Security » Cloudflare Blocks Record 7.3 Tbps DDoS Attack
Cloudflare has revealed that it blocked the largest Distributed Denial-of-Service (DDoS) attack ever recorded in mid-May 2025. The attack peaked at 7.3 terabits per second (Tbps), surpassing previously recorded threats.
This news follows the company's Q1 2025 DDoS threat report, released on April 27, which highlighted major attacks reaching 6.5 Tbps and 4.8 billion packets per second (pps).
The target was a hosting provider using Cloudflare's Magic Transit service to protect its IP network. Attacks on hosting and infrastructure providers are reportedly increasing, according to Cloudflare's threat report.
The 7.3 Tbps attack transferred 37.4 terabytes of data in just 45 seconds. This is equivalent to: Streaming 7,480 hours of HD video nonstop
Downloading 9.35 million songs in under a minute
Cloudflare's systems detected and blocked the attack automatically, ensuring zero service disruption.
The attack used a newly emerging method exploiting HTTP/2, a common web protocol. At its peak, it delivered over 200 million requests per second, aiming to overwhelm robust infrastructure.
Cloudflare reported that the attack: Targeted an average of 21,925 ports on a single IP address
Peaked at 34,517 destination ports per second
Originated from over 122,145 source IPs across 5,433 autonomous systems in 161 countries
About 50% of the traffic came from Brazil and Vietnam. Other sources included Taiwan, China, Indonesia, Ukraine, Ecuador, Thailand, the U.S., and Saudi Arabia.
The multivector attack was mostly composed of UDP floods, with smaller volumes of QOTD reflection, Echo, NTP, Mirai, Portmap, and RIPv1 amplification attacks.
To help providers respond to such threats, Cloudflare offers a free DDoS Botnet Threat Feed. Over 600 global organizations have subscribed to this API-based feed to identify abusive IPs within their networks.
Cloudflare confirmed that its DDoS protection systems neutralized the threat without human intervention, alerts, or incidents. The company emphasized its commitment to building a safer Internet and providing free, unmetered DDoS protection.
Cloudflare's global network spans over 300 cities in more than 100 countries. Its automated systems are designed to respond quickly and effectively to evolving cyber threats.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Arabian Post
4 days ago
- Arabian Post
Cloudflare and OpenAI Unite to Power Persistent AI Agents
Cloudflare and OpenAI have unveiled a powerful integration enabling developers to build intelligent, stateful AI agents that combine OpenAI's reasoning with Cloudflare's scalable execution infrastructure. By pairing the OpenAI Agents SDK with Cloudflare's new Agents SDK and foundational technologies like Durable Objects and Workers, the collaboration delivers global reach, persistent memory, and human‑in‑the‑loop interaction, all within a serverless framework. The synergy addresses a key shortcoming of stateless AI agents. OpenAI's Agents SDK offers advanced cognition—planning, tool‑calling, decision‑making—yet leaves execution environment and persistence to the developer. Cloudflare's solution fills that gap: its Agents SDK runs atop Workers and Durable Objects, providing each agent a unique identity, durable memory store, built‑in scheduling, WebSocket connectivity and global low‑latency execution. Durable Objects act as the agent container. Each instantiation—based on a name or unique ID—carries its own state and storage, enabling multi‑session workflows, memory hydration, and asynchronous execution. Developers can create one agent per user, task, or domain, avoiding state entanglement while fostering modular, composable agent systems. For instance, one could build a triage agent that routes queries to specialist agents, each maintaining separate memory and logic. ADVERTISEMENT A standout feature is scalability through human‑in‑the‑loop control. Cloudflare's architecture enables agents to pause mid‑workflow, await human judgment, and resume—persisting intermediate steps and context across sessions. Knock, a third‑party messaging layer, exemplifies this. Developers have built virtual card‑issuing workflows where the AI agent pauses for approval before issuing a card—managed via Knock plus Cloudflare's SDK. Another innovation: agents are addressable beyond HTTP. Cloudflare's system supports Twilio‑backed phone‑call integrations, WebSocket real‑time sessions, email and pub/sub. This opens rich, multimodal use cases—voice, text, email—bound by a globally unique agent identity. Complementing these developments, a remote Model Context Protocol server has been introduced. Cloudflare now allows agents to host MCP servers directly, enabling structured tool integration and external service access via authenticated, remote endpoints using MCPAgent. The MCP feature dovetails neatly with Cloudflare's recent release of a free tier for Durable Objects and general availability of multi‑step Workflows, lowering the entry barrier for developers. Addition of the OpenAI Agents SDK and Responses API further enriches the landscape. OpenAI's Responses API supports dynamic web search, file system access and system‑level tasks; the Agents SDK coordinates multi‑agent orchestration. Paired with Cloudflare's persistent runtime, this empowers developers to build AI agents capable of real‑time research, memory‑backed workflows and inter‑agent communication. Underpinning this integration is Cloudflare's acquisition of Outerbase in April, a database platform company. The acquisition strengthens data infrastructure within Workers, Durable Objects and the Agents SDK—helping developers build rich, contextual, database‑backed AI systems. This move boosts long‑term memory storage and retrieval critical for agents maintaining evolving user context. Industry observers are taking notice. A Medium commentary described the duo as 'perfect complements: OpenAI's Agents SDK gives you the brain, the other gives you the body'. Cloudflare's CEO Matthew Prince emphasised that these developments remove 'cost and complexity barriers' to agent deployment, calling the MCP server release 'the industry's first remote MCP server'. Developers working with the Agents SDK can bootstrap agent projects via common workflows: installing via npm or using the agents‑starter template, extending the core Agent class to handle HTTP, WebSocket, scheduled tasks, SQL storage, and tool invocation. Integration with front‑end frameworks is supported through useAgent and useAgentChat React hooks, offering real‑time UI connections. Looking ahead, Cloudflare promises further enhancements: evaluation tooling, voice and video interactivity via WebRTC, richer email integration for human supervision, self‑hosting capabilities, structured output support, and deeper embedding with Worker AI, Vectorize, Log Explorer and AI Gateway. The evolving field of AI agents is entering a new phase—no longer demonstrations, but operational systems able to remember, adapt, collaborate, and operate at global scale. By combining cognitive reasoning with robust orchestration and persistence, developers are empowered to deploy production‑ready agents that are stateful, interactive and distributed. That shift stands to redefine automation, customer support, education, workflows and more—lowering development barriers, increasing resilience, and enabling agents that truly work on behalf of users across time, platforms and modalities.
TECHx
5 days ago
- TECHx
Cloudflare Blocks Record 7.3 Tbps DDoS Attack
Home » Emerging technologies » Cyber Security » Cloudflare Blocks Record 7.3 Tbps DDoS Attack Cloudflare has revealed that it blocked the largest Distributed Denial-of-Service (DDoS) attack ever recorded in mid-May 2025. The attack peaked at 7.3 terabits per second (Tbps), surpassing previously recorded threats. This news follows the company's Q1 2025 DDoS threat report, released on April 27, which highlighted major attacks reaching 6.5 Tbps and 4.8 billion packets per second (pps). The target was a hosting provider using Cloudflare's Magic Transit service to protect its IP network. Attacks on hosting and infrastructure providers are reportedly increasing, according to Cloudflare's threat report. The 7.3 Tbps attack transferred 37.4 terabytes of data in just 45 seconds. This is equivalent to: Streaming 7,480 hours of HD video nonstop Downloading 9.35 million songs in under a minute Cloudflare's systems detected and blocked the attack automatically, ensuring zero service disruption. The attack used a newly emerging method exploiting HTTP/2, a common web protocol. At its peak, it delivered over 200 million requests per second, aiming to overwhelm robust infrastructure. Cloudflare reported that the attack: Targeted an average of 21,925 ports on a single IP address Peaked at 34,517 destination ports per second Originated from over 122,145 source IPs across 5,433 autonomous systems in 161 countries About 50% of the traffic came from Brazil and Vietnam. Other sources included Taiwan, China, Indonesia, Ukraine, Ecuador, Thailand, the U.S., and Saudi Arabia. The multivector attack was mostly composed of UDP floods, with smaller volumes of QOTD reflection, Echo, NTP, Mirai, Portmap, and RIPv1 amplification attacks. To help providers respond to such threats, Cloudflare offers a free DDoS Botnet Threat Feed. Over 600 global organizations have subscribed to this API-based feed to identify abusive IPs within their networks. Cloudflare confirmed that its DDoS protection systems neutralized the threat without human intervention, alerts, or incidents. The company emphasized its commitment to building a safer Internet and providing free, unmetered DDoS protection. Cloudflare's global network spans over 300 cities in more than 100 countries. Its automated systems are designed to respond quickly and effectively to evolving cyber threats.
Tahawul Tech
19-06-2025
- Tahawul Tech
Cloudflare celebrates the 11th anniversary of its iconic free cybersecurity program Galileo
Cloudflare commemorates the 11th anniversary of Project Galileo, its flagship initiative delivering free cybersecurity protection to at‑risk public‑interest organizations across the globe. Since launching in June 2014, the program has defended journalists, human‑rights groups, independent media, environmental activists, and others working on the frontlines of democracy, civil society, and environmental justice. Highlights of Project Galileo's Eleventh Year: An interactive Cloudflare Radar report providing insights into the cyber threats faced by at-risk public interest organizations protected under the project. An expanded commitment to digital rights in the Asia-Pacific region with two new Project Galileo partners. New stories from organizations protected by Project Galileo working on the frontlines of civil society, human rights, and journalism from around the world. Tracking and reporting on cyberattacks with the Project Galileo 11th anniversary Radar report To mark Project Galileo's 11th anniversary, Cloudflare published a new Radar report that shares data on cyberattacks targeting organizations protected by the program. It provides insights into the types of threats these groups face, with the goal of better supporting researchers, civil society, and vulnerable groups by promoting the best cybersecurity practices. Key insights include: A growing trend in DDoS attacks against these organizations, becoming more common than attempts to exploit traditional web application vulnerabilities. Between May 1, 2024, to March 31, 2025, Cloudflare blocked 108.9 billion cyber threats against organizations protected under Project Galileo. This is an average of nearly 325.2 million cyber attacks per day over the 11-month period, and a 241% increase from our 2024 Radar report. Journalists and news organizations experienced the highest volume of attacks, with over 97 billion requests blocked as potential threats across 315 different organizations. The peak attack traffic was recorded on September 28, 2024. Ranked second was the Human Rights/Civil Society Organizations category, which saw 8.9 billion requests blocked, with peak attack activity occurring on October 8, 2024. Cloudflare onboarded the Belarusian Investigative Center, an independent journalism organization, on September 27, 2024, while it was already under attack. A major application-layer DDoS attack followed on September 28, generating over 28 billion requests in a single day. Many of the targets were investigative journalism outlets operating in regions under government pressure (such as Russia and Belarus), as well as NGOs focused on combating racism and extremism, and defending workers' rights. Tech4Peace, a human rights organization focused on digital rights, was targeted by a 12-day attack beginning March 10, 2025, that delivered over 2.7 billion requests. The attack saw prolonged, lower-intensity attacks and short, high-intensity bursts. This deliberate variation in tactics reveals a coordinated approach, showing how attackers adapted their methods throughout the attack. The full Radar report includes additional information on public interest organizations, human and civil rights groups, environmental organizations, and those involved in disaster and humanitarian relief. The dashboard also serves as a valuable resource for policymakers, researchers, and advocates working to protect public interest organizations worldwide. Global partners are the key to Project Galileo's continued growth Partnerships are central to the success of Project Galileo. Cloudflare relies on a network of 56 trusted civil society organizations around the world to identify and support groups that would benefit from its cybersecurity protection. With the help of these partners, the company continues to expand its reach, delivering vital tools and resources to communities most in need of digital defense. Continuing Support for Vulnerable Groups Worldwide In 2025, many of Cloudflare's Project Galileo partners have faced significant funding cuts, impacting their ability to support communities, defend human rights, and uphold democratic values. Amid these financial and logistical challenges, maintaining protection for these essential services has become more critical than ever. Cloudflare expresses gratitude to its civil society partners who continue to play a vital role in identifying at-risk organizations in need of support. Together, they are working toward a more secure, resilient, and open Internet for all. To learn more about Project Galileo and its global impact, visit Project Galileo case studies can be found here.
