AISURU Botnet, What is it and why is it important to UK Rust.

You have all by now noticed a degradation in services whilst playing on UK Rust from time to time, with players experiencing severe lag for short periods of time, and unexpected disconnections and being to connect to the server, so what's this all about, and why they picking on us? and how can I explain it?

The Siege of the Digital Citadel Imagine a fortified city, representing global game servers, surrounded by a glowing moat of data. Inside the walls, Rust servers, Steam authentication nodes, and DDoS protection towers stand vigilant.

Suddenly, the horizon darkens. Thousands of flickering silhouettes, compromised IoT devices rise like a swarm. Each device launches streams of red energy, converging into a tidal wave of traffic. The city’s defences (firewalls, scrubbing nodes, packet filters) light up in blue, trying to absorb the impact.

• Steam’s gates flicker, authentication falters.

• Rust’s towers stutter, PvP freezes mid-fight.

• Cloudflare’s shield cracks, rerouting traffic in real time.

• Physgun’s relay nodes pulse, struggling to stay online.

Above the chaos, three masked figures "Snow", "Tom", and "Forky", Creators of the AISURU Botnet watch from a digital cliff, watching the chaos unfold, and their bank balances swell...... Ok so this is a dramatisation of what's happening but it helps answer some simple questions. So what is actually happening in the real world. What’s Causing the Lag?

The primary culprit is a surge in Distributed Denial of Service (DDoS) attacks targeting game server infrastructure. These attacks flood servers with fake traffic, making it impossible for legitimate player data to get through. The result: sky-high ping, rubber banding, ignored commands, and disconnections.

Key technical causes include:

• Bandwidth Saturation: Servers have limited input capacity. When flooded with billions of packets per second, they drop legitimate traffic to stay online.

• CPU Overload: Servers must inspect every incoming packet. During attacks, this overwhelms processing capacity, causing delays and freezes.

• Routing Congestion: Attacks often spill over into upstream ISPs and DDoS mitigation services, affecting even players not directly connected to the target server.

Unprecedented DDoS Attacks

Recent months have seen the largest DDoS attacks ever recorded:

These attacks are often short (30–60 seconds) but intense, making them hard to mitigate in real time. They use TCP carpet bombing and UDP floods to mimic legitimate traffic, bypassing traditional defences.

Who’s Behind It?

Many of these attacks are attributed to the AISURU botnet, operated by a small cybercriminal group using over 300,000 compromised IoT devices. Their motives range from selling DDoS-for-hire services to ideological disruption.

What’s Being Done?

• Cloudflare and Gcore have upgraded their global scrubbing capacity and filtering systems to absorb larger attacks.

• Game developers like Riot have temporarily disabled ranked queues during peak attack windows to protect player experience.

• Hosting providers are working with upstream ISPs to reroute traffic and isolate attack vectors.

What Can Players and Admins Do?

During these attacks, there’s unfortunately very little that players or server admins can do to prevent or resolve the disruption directly. The scale and nature of AISURU’s botnet traffic means mitigation must happen at the infrastructure level, handled by hosting providers, ISPs, and global protection services.

What is helpful during these periods:

• Refrain from shouting or arguing in global chat. It doesn’t improve the situation and can make the experience worse for others.

• Understand this is not the fault of server owners or Physgun. They are doing everything possible behind the scenes to maintain stability.

• Avoid venting frustration at admin teams. They’re just as affected as players and are working hard to keep things running smoothly.

• Stay patient and supportive. Your understanding helps maintain a positive community atmosphere while technical teams work on mitigation.

We deeply appreciate everyone who continues to play, report issues constructively, and support each other during this turbulent period. Your resilience and loyalty mean a great deal to the UK Rust team.