Yandex researchers published the results of an investigation of massive DDoS attack that targeted the company's resources. According to experts, the attack lasted for a week and it reached 21.8 million requests per second (RPS). The Mēris botnet was identified as the source of the attack.

As the company noted, this attack with an indicator of 21.8 million RPS can be called the largest in the history of the Internet. The Mēris botnet was originated with the help of vulnerability in network equipment from the Latvian company MikroTik. Yandex specialists noted that Mēris was apparently used in other DDoS attacks aimed at resources not only in Russia, but also in New Zealand and the United States.

The first signs of a botnet were discovered by Qrator Labs specialists back in June 2021. At that time, it was found that it included 30 thousand infected devices, according to Yandex estimates their number is at least 55 thousand. At the same time, experts from both companies do not exclude that in reality a botnet could even unite more than 200 thousand devices. Most likely, the equipment participating in Mēris was connected through the Ethernet connection.

The massive DDoS attack on Yandex services lasted for a week and peaked at 21.8 million RPS on September 5. The company managed to repel this attack, preventing leaks of user data and keeping the services up and running. Yandex specialists are sure that the owners of the Mēris botnet have not yet used its full possibilities.

Source: 3dnews.ru