Application-layer DDoS attacks soared in the second quarter of 2025, with the financial services sector emerging as the primary target, according to a new report by Qrator Labs. These attacks, which mimic legitimate user behavior and are difficult to detect, jumped by 74% compared to the same period last year.
Financial firms bore the brunt, accounting for 43.6% of the attacks. eCommerce platforms followed at 22.6%, while ICT services made up 18.2%. This spike aligns with the sector’s dependency on real-time digital transactions and uninterrupted online services.
The quarter also witnessed the appearance of the largest DDoS botnet ever recorded, comprising 4.6 million infected devices—more than 3.5 times larger than the previous record and nearly 20 times the biggest botnet from 2024.
“This surge stems from a vast number of high-speed internet-connected vulnerable devices,” said Andrey Leskin, CTO at Qrator Labs. “Botnets of this size can overwhelm services within moments, halting transactions and rendering digital operations unusable.”
Beyond application-layer incidents (Layer 7), attacks on network and transport layers (Layers 3 and 4) also intensified. Q2 saw 43% more attacks exceeding 1 Gbps year over year. Some of the longest attacks, aimed at online gambling platforms, lasted over four days.
Layer 7 DDoS attacks primarily used Request Rate Patterns. The top sources of such traffic remained consistent with previous years: Russia (17%), the United States (16.6%), and Brazil (13.2%). The most prolonged application-layer attack this quarter lasted 65.5 hours.
Qrator Labs advises companies to strengthen incident response protocols, invest in robust DDoS mitigation tools, and regularly conduct stress testing to prepare for potential threats. “Many providers aren’t equipped to stop attacks of this scale,” warned Leskin, “leaving even well-defended businesses vulnerable.”
Supporting this trend, a joint study by Akamai Technologies and FS-ISAC highlighted a 23% increase in application-layer DDoS attacks on financial institutions from 2023 to 2024. The sector continues to top the charts for volumetric attacks, with a dramatic surge recorded in October 2024.
Stay ahead of emerging cybersecurity threats. For the latest insights and updates on cloud security, follow SOC News.
News Source: ITPro.com
