The scale of application-layer DDoS attacks targeting Russia surged sharply in January 2026, rising twentyfold compared to the same period last year.

Peak attack traffic surged from 2.16 million requests per minute in January 2025 to 44.2 million requests per minute this year, The Caspian Post reports, citing Russian media.

The attacks occurred in short bursts, each lasting no more than one minute, and were attributed to the giant Aisuru and Kimwolf botnets.

The total number of attacks increased by 22% year-on-year, while the maximum number of attacks targeting a single resource also rose by 22%. The number of unique targeted resources grew by 14%, reflecting a broader scope of cyber threats.

Eight companies were repeatedly targeted in both periods analyzed, with the intensity of attacks on each significantly higher in 2026. Cybercriminals focused on sectors including education, fast food, e-commerce, media, and transportation, highlighting the wide-ranging nature of the threat.