Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Microsoft Azure hit by cyberattack linked to Aisuru botnet

Incident
First reported
Last updated
Happening score
H score 14
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft Azure was hit by a 15.72 Tbps DDoS attack, disrupting a public-facing target in Australia and underscoring the scale of the ongoing botnet threat. The flood came from over 500,000 IP addresses and peaked near 3.64 billion packets per second. The attack was attributed to the Aisuru botnet.

Related Happenings

FBI, DOJ, and Poland take FrostArmada infrastructure offline

Law Enforcement
First: 07.04.2026 18:51 Last: 07.04.2026 18:51 Sources 1

About this happening: Authorities carried out a **takedown** of **FrostArmada** infrastructure, disrupting an **APT28** credential-theft operation that hijacked router traffic to steal Microsoft logins...

Open Happening

APT28 FrostArmada DNS hijacking and AitM credential theft campaign

Campaign
First: 07.04.2026 18:51 Last: 07.04.2026 18:51 Sources 1

About this happening: A multinational disruption effort has taken down **FrostArmada**, an **APT28** campaign that hijacked router DNS settings to steal **Microsoft account credentials** and OAuth toke...

Open Happening

Aisuru, KimWolf, JackSkid, and Mossad botnet C2 takedown

Law Enforcement
First: 20.03.2026 10:05 Last: 20.03.2026 10:05 Sources 1

About this happening: The **U.S. Department of Justice** announced the arrest of **Jacob Butler (aka Dort)**, a **23-year-old** in **Ottawa, Canada**, for allegedly developing and operating the **Kimwo...

Open Happening

Operation Lightning takedown of SocksEscort proxy service

Law Enforcement
First: 13.03.2026 12:00 Last: 13.03.2026 12:00 Sources 1

About this happening: International law enforcement partners **dismantled** the **SocksEscort** proxy service in **Operation Lightning**, disrupting a cybercrime network used to hide originating IP add...

Open Happening

SocksEscort criminal proxy-service ecosystem monetizing residential routers

Threat Actor Meta
First: 13.03.2026 07:26 Last: 13.03.2026 07:26 Sources 1

About this happening: The **SocksEscort** proxy-service ecosystem turned compromised residential routers into a rentable abuse platform, letting criminal customers hide behind **369,000 IP addresses**...

Open Happening

Timeline

  1. 17.11.2025 19:13 2 articles · 6mo ago

    Microsoft Azure hit by cyberattack linked to Aisuru botnet

    Initial Disclosure

    **Microsoft Azure** was targeted by a **15.72 Tbps DDoS attack** from the **Aisuru botnet**, with traffic also aimed at a specific public IP in **Australia**. The flood originated from **over 500,000 IP addresses** and reached nearly **3.64 billion packets per second**.

    Show sources
    Open in new tab