Cybercriminals are exploiting the growing Internet of Things (IoT) ecosystem to launch large-scale, record-breaking Distributed Denial-of-Service (DDoS) attacks, with many compromised devices being smart TVs and set-top boxes.
According to web infrastructure and security company Cloudflare, its autonomous DDoS defense systems blocked approximately 21.3 million DDoS attacks in 2024, marking a 53% increase from 2023. The fourth quarter alone saw over 420 hyper-volumetric DDoS attacks, including the largest ever recorded DDoS attack, which reached a staggering 5.6 terabits per second (Tbps).
Most of the DDoS attacks recorded in 2024 were launched by known botnets, which infect devices and conscript them into overwhelming the servers of targeted victims.
Poorly secured IoT devices, many of them consumer products, are commonly compromised and leveraged by botnets to launch DDoS attacks. Routers and IP cameras are commonly cited as such, but Cloudflare’s report highlights that smart TVs and set-top boxes were among the most frequently used devices in these attacks.
Specifically, the HITV_ST_PLATFORM user agent, which is associated with those devices, accounted for the highest share of DDoS requests out of all user agents and is almost exclusively used in DDoS attacks.

2024 Lighting Controls and Fixtures Report
Lightapalooza took place in late February, and the growth of the event has mirrored the rapid ascension lighting fixtures and controls.Download your copy now!
“The presence of the HITV_ST_PLATFORM user agent, which is associated with smart TVs and set-top boxes, suggests that the devices involved in certain cyberattacks are compromised smart TVs or set-top boxes,” Cloudflare noted in its report. “This observation underscores the critical need to secure all Internet-connected devices, including smart TVs and set-top boxes, to prevent their exploitation in cyberattacks.”
Cloudflare’s report echoes growing concerns of a tech industry that has long put the cybersecurity of consumer devices below their convenience and connectivity. These issues are getting more attention from manufacturers and governments, including the U.S., which has launched its Cyber Trust Mark IoT security labeling program for consumer products.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!