Was a Massive DDoS Attack Behind Steam and Riot’s Outages?

Gamers around the world faced widespread connectivity issues this week, with major services like Steam, Riot Games, Epic Games, and even parts of the PlayStation Network (PSN) experiencing outages. The disruptions, which began around 8:00 PM EDT on October 6, are now suspected to be the result of a massive distributed denial-of-service (DDoS) attack linked to the Aisuru botnet.

What Happened to Steam and Riot Games?

Reports from Downdetector and player communities show simultaneous service disruptions across several platforms. Users reported being unable to log into or stay connected to popular multiplayer titles like Counter-Strike 2, Dota 2, Valorant, and League of Legends.

Riot Games confirmed the issue through its official status page, noting that players across all major platforms, Windows, macOS, iOS, and Android, were affected. “We’re aware of a problem causing players to disconnect from their games and have disabled ranked queues while we investigate,” Riot’s alert read. Compensation for lost ranked points has been introduced where appropriate.

Interestingly, this disruption hasn’t been limited to gaming services alone. AWS, xfinity, Cox, and even streaming platforms like Hulu were affected.

At the moment, there’s no official confirmation that all of these issues share the same root cause. However, the pattern and scale suggest something far larger than simple server strain.

Was This Really a DDoS Attack?

While companies have avoided directly naming the cause, cybersecurity researchers and reporters are pointing to one likely culprit: the Aisuru botnet. First discovered by XLab researchers in August 2024, Aisuru has been linked to several record-breaking DDoS attacks in recent months.

According to Cybernews and PC Mag, the Aisuru botnet was behind a “hyper-volumetric” DDoS attack in September that reached a staggering 29.69 terabits per second (Tbps), shattering the previous record of 22.2 Tbps reported by Cloudflare. This scale of attack dwarfs anything previously seen online.

Reddit discussions have cited cybersecurity alerts describing “sophisticated TCP carpet bomb attacks” that closely mimic legitimate traffic, making them extremely difficult to block. One defender quoted in a Reddit post said, “This is one of the more advanced attack vectors we’ve seen, and we worked quickly to develop a patch and ship it out globally.”

XLab estimates that the botnet now controls roughly 300,000 compromised devices, including vulnerable A-MTK cameras, D-Link routers, DVRs, and gateways. The malware spreads through these unsecured internet-connected devices, forming a vast global network of hijacked machines capable of overwhelming even the largest servers.

In previous months, Aisuru has targeted multiple industries, from finance to government and gaming. Its attacks have hit major regions including China, the United States, Germany, and the United Kingdom. XLab researchers say the group behind Aisuru operates with military-grade precision and even appears to weave ideological messages into its operations.

As of now, the motive remains unclear. Some cybersecurity experts believe these large-scale disruptions may be a “demonstration of power,” essentially a proof of capability to potential buyers of illicit DDoS-for-hire services.

For now, both Riot and Valve are working to stabilize their networks, while other affected companies continue to monitor the situation. Players can check each game’s client or official status pages for real-time updates.