What site was attacked? I don't think the article mentions it.

Found stuff
"Telefonica Brazil (AS27699) accounted for the largest portion of the DDoS attack traffic, responsible for 10.5% of the total. Viettel Group (AS7552) follows closely with 9.8%, while China Unicom (AS4837) and Chunghwa Telecom (AS3462) contributed 3.9% and 2.9% respectively. China Telecom (AS4134) accounted for 2.8% of the traffic."

The disclosure comes as the QiAnXin XLab team said the DDoS botnet tracked as RapperBot was behind an attack aimed at artificial intelligence (AI) company DeepSeek in February 2025, and that the latest samples of the malware attempt to extort victims, demanding they pay "protection fees" to avoid being targeted by DDoS attacks in the future.

China, the United States, Israel, Mexico, the United Kingdom, Greece, Iran, Australia, Malaysia, and Thailand are the primary countries where devices infected by RapperBot are located. The botnet is known to be active since 2022.

Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider

Cloudflare blocks record 7.3 Tbps DDoS attack, targeting hosting provider, with 122,145 source IPs across 161 countries.

The Hacker News (thehackernews.com)

It seems Deepseek has been a target for a while. Possibly to eliminate competition and national security since there is a govt AI push.

What site was attacked? I don't think the article mentions it.

Found stuff
"Telefonica Brazil (AS27699) accounted for the largest portion of the DDoS attack traffic, responsible for 10.5% of the total. Viettel Group (AS7552) follows closely with 9.8%, while China Unicom (AS4837) and Chunghwa Telecom (AS3462) contributed 3.9% and 2.9% respectively. China Telecom (AS4134) accounted for 2.8% of the traffic."

The disclosure comes as the QiAnXin XLab team said the DDoS botnet tracked as RapperBot was behind an attack aimed at artificial intelligence (AI) company DeepSeek in February 2025, and that the latest samples of the malware attempt to extort victims, demanding they pay "protection fees" to avoid being targeted by DDoS attacks in the future.

China, the United States, Israel, Mexico, the United Kingdom, Greece, Iran, Australia, Malaysia, and Thailand are the primary countries where devices infected by RapperBot are located. The botnet is known to be active since 2022.

Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider

Cloudflare blocks record 7.3 Tbps DDoS attack, targeting hosting provider, with 122,145 source IPs across 161 countries.

The Hacker News (thehackernews.com)

It seems Deepseek has been a target for a while. Possibly to eliminate competition and national security since there is a govt AI push.

What site was attacked? I don't think the article mentions it.

Found stuff
"Telefonica Brazil (AS27699) accounted for the largest portion of the DDoS attack traffic, responsible for 10.5% of the total. Viettel Group (AS7552) follows closely with 9.8%, while China Unicom (AS4837) and Chunghwa Telecom (AS3462) contributed 3.9% and 2.9% respectively. China Telecom (AS4134) accounted for 2.8% of the traffic."

The disclosure comes as the QiAnXin XLab team said the DDoS botnet tracked as RapperBot was behind an attack aimed at artificial intelligence (AI) company DeepSeek in February 2025, and that the latest samples of the malware attempt to extort victims, demanding they pay "protection fees" to avoid being targeted by DDoS attacks in the future.

China, the United States, Israel, Mexico, the United Kingdom, Greece, Iran, Australia, Malaysia, and Thailand are the primary countries where devices infected by RapperBot are located. The botnet is known to be active since 2022.

Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider

Cloudflare blocks record 7.3 Tbps DDoS attack, targeting hosting provider, with 122,145 source IPs across 161 countries.

The Hacker News (thehackernews.com)

It seems Deepseek has been a target for a while. Possibly to eliminate competition and national security since there is a govt AI push.

The botnet is most likely build by exploiting vulnerable routers or cameras. Adding these devices to a overall botnet. What do you think?

CloudFlare keeps blocking me, so I take their accomplishments with a grain of salt.

Their mitigation comes at the cost of legitimate users being blocked, despite correctly identifying the bicycles in 16 different captchas in a row...