NSFOCUS in SAS 2025: Unveiling Secrets Behind Large-Scale DDoS Attacks on AI Platform and Social Media

NSFOCUS in SAS 2025: Unveiling Secrets Behind Large-Scale DDoS Attacks on AI Platform and Social Media

novembro 4, 2025 | NSFOCUS

SANTA CLARA, Calif., November 4, 2025 – The 18th Global Security Analyst Summit (SAS) concluded successfully in Khao Lak, Thailand. Focused on the complexity of APT attacks, the summit exposed the latest attack activities from Hacking Team and disclosed multiple major security risk incidents. It gathered top global cybersecurity experts, academic elites, and law enforcement representatives to discuss future cybersecurity trends and response strategies.

NSFOCUS security researchers were invited to attend the summit with presentations on cybersecurity risks and protection technologies related to AI infrastructure. Lan Xing and Zhao Guangyuan, senior researchers from NSFOCUS’s Fuying Lab, along with Wu Tiejun, the laboratory’s chief researcher, participated in the conference exchanges.

NSFOCUS Unveils In-depth Analysis of Large-Scale DDoS Attacks

The team conducted in-depth analysis of the large-scale DDoS attacks targeting an AI large language model platform and X.com. They systematically elaborated on the security challenges AI infrastructure faces when confronting ultra-large-scale attacks and shared NSFOCUS’s latest research achievements in DDoS monitoring and protection technologies, as well as botnet monitoring and governance—fully demonstrating the company’s leading technical strength.

Lan Xing systematically dissected the process of this large-scale DDoS attack. Through in-depth analysis of attack traffic, he revealed the attackers’ toolchains, attack patterns, and the characteristics of their underlying infrastructure.

Zhao Guangyuan provided a comprehensive analysis of two botnets—HailBot and RapperBot. They were first named and tracked by NSFOCUS’s Fuying Lab. He delved into their roles in the attack chain, stealthy countermeasures, command-and-control methods, and key tactics employed in large-scale DDoS attacks.

Previous posts:

Mirai Botnet’s New Wave: hailBot,kiraiBot, catDDoS, and Their Fierce Onslaught – NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

US Officials Claim to Have Gained Control of the RapperBot – NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.

Vulnerabilities of AI Infrastructure Highlighted

In the analysis of DDoS attacks and botnets, NSFOCUS Fuying Lab emphasized the vulnerabilities of AI infrastructure and API-driven architectures when facing large-scale attacks:

  • Vulnerability of AI service models: Attackers can quickly consume system resources through a large number of requests, disrupting normal services.
  • Scalability issues of API-driven architectures: Open API architectures allow attackers to easily expand the attack surface, increasing defense difficulties.
  • Threat of traditional attack methods: Despite the attention on new attack methods like model poisoning and prompt injection, traditional DDoS attacks remain highly effective and can paralyze AI systems.

Through its participation in SAS 2025, NSFOCUS once again demonstrated its strong research capabilities and technical depth in the cybersecurity. The research achievements have not only gained high recognition from international audience but also injected new ideas and momentum into the development of DDoS monitoring and protection, botnet monitoring and governance, and APT attack detection.