Attack tactic
What happens in a typical Distributed Denial-of-Service (DDoS) attack. A website that suddenly stops? Time out of a login page? Not being able to reach an online service when you need it the most? These causes are not internal, and are attributed to DDoS attacks.
Cloudflare reported stopping a 7.3 Tb/s attack last year and said it addressed a 31.4 Tb/s attack in its Q4 2025 DDoS report. According to Microsoft, Azure also blocked a 15.72 Tb/s attack last year in October. The activity was linked to the Aisuru botnet.
Darkweb market selling and buying the service
For all these instances, dark web actors are fighting over the same buyers with pitches. Flare experts analyzed dark web operations and detailed API access, reseller options, botnet-based capacity, monthly plans, Cloudflare bypass claims, and game-server tactics.
A comparative analysis of the DDoS-related dark web operations from the first five months of 2023 and the first five months of 2026 demonstrate how rapidly that offer has evolved. Scripts, tutorials, leaked tools, and sporadic forum posts used to be more common, but these days they are more typically provided as recurring products that are simpler to purchase and use.
What is a DDoS attack?
A DDoS attack tries to crowd an application, network, server, or website with traffic from various servers at one time. Few attacks are aimed at network capacity, while the remaining emphasize on application layer resources like APIs and login pages. The aim is to dismantle any service or activity and make it unavailable, expensive to use, or unstable.
What is DDoS-as-a-service?
DDoS-as-a-service removes the barrier even further, a hacker can choose a victim, pay for accessing a web panel, select timeline, and depend on another person’s botnet, third-party attack infrastructure, or proxy network.
About the attack
A hosting company that employs Magic Transit to protect their IP network and is a Cloudflare user was the target of the attack. According to Cloudflare’s recent DDoS threat assessment, DDoS attacks are increasingly targeting hosting providers and vital Internet infrastructure.
An assault campaign from January and February of 2025 that launched over 13.5 million DDoS attacks on Cloudflare’s hosting providers and infrastructure was detailed by the experts on their blog.
Read the original article: