Yandex has repelled the largest DDoS attack in history

👋🏻 Hello everyone. In this article, we explain how Yandex repelled the largest DDoS attack in history.

🏆 20 million RPS (requests per second). This record was recently set by a new botnet called Mēris (translated from Latvian as “plague”).

❓ What are the features of the new botnet?

🔹 Using pipelining in HTTP/1.1 to organize DDoS attacks (confirmed)

🔹 Attacks are focused on the exploitation of RPS (confirmed)

🔹 Open port 5678/TCP (confirmed)

🔹 SOCKS4 proxy on the infected device (not confirmed, although we know that MikroTik devices use SOCKS4)

📢 According to the company’s report, the botnet continues to grow, and not only Yandex but also many other companies are exposed to the threat of such a DDoS attack.

📌 Over the past two weeks, the attacks have targeted the United States and New Zealand in addition to Russia. Cloudflare recently reported that they managed to repel an attack of 17 million RPS.

📌 Another important “feature” of this botnet is that such a volume of requests can take down even equipment that is specifically designed to withstand high-intensity DDoS attacks.

🔗 Reverse L2TP tunnels are used for interaction within the network, and the number of infected devices reaches 250,000.

🖥 It is also important that source IP addresses are not spoofed in these attacks, so for a short time they can be easily repelled with a simple blacklist.

⚙️ We can therefore say that this attack relies on the number of attackers rather than their quality. As a result, the botnet will most likely cease to be a problem fairly quickly, since it exploits old vulnerabilities in some routers, such as MikroTik.
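
The blacklist approach described above, as an added Python example (not code from Yandex's report or from this article): it flags sources by per-second request rate and by requests per connection, a log-level proxy for HTTP/1.1 pipelining, and gives each entry an expiry. The record format, thresholds and TTL are assumptions, and the sample records are constructed.

```python
from collections import Counter

# Constructed sample records (not real traffic): (unix_second, source_ip, connection_id).
# 198.51.100.7 sends 20 requests down ONE connection in one second (pipelining);
# 203.0.113.9 spreads 30 requests over 30 connections; 192.0.2.10 is a normal client.
SAMPLE = (
    [(1000, "198.51.100.7", "c1")] * 20
    + [(1000, "203.0.113.9", f"d{i}") for i in range(30)]
    + [(1000 + i, "192.0.2.10", "e1") for i in range(5)]
)

def build_blocklist(records, rps_limit=25, pipeline_limit=16, ttl=300):
    """Return {ip: expiry_second} for sources exceeding either threshold.

    rps_limit: max requests per source IP in any one second (assumed value).
    pipeline_limit: max requests on a single connection in any one second,
    used as a proxy for pipelining depth (assumed value).
    """
    per_ip = Counter()    # (second, ip) -> request count
    per_conn = Counter()  # (second, ip, conn) -> request count
    for second, ip, conn in records:
        per_ip[(second, ip)] += 1
        per_conn[(second, ip, conn)] += 1

    blocklist = {}

    def flag(ip, second):
        # Keep the latest expiry if a source trips a threshold repeatedly.
        blocklist[ip] = max(blocklist.get(ip, 0), second + ttl)

    for (second, ip), count in per_ip.items():
        if count > rps_limit:
            flag(ip, second)
    for (second, ip, _conn), count in per_conn.items():
        if count > pipeline_limit:
            flag(ip, second)
    return blocklist

def is_blocked(blocklist, ip, now):
    """Entries expire: the article notes a blacklist only works for a short time."""
    return blocklist.get(ip, 0) > now

if __name__ == "__main__":
    for ip, expiry in sorted(build_blocklist(SAMPLE).items()):
        print(ip, "blocked until", expiry)
```

The pipelining source stays under the per-IP rate limit and is caught only by the per-connection count, which is why both counters are kept.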

💬 According to the Yandex report, they have already sent all the necessary information to the manufacturers, and this DDoS attack did not become a big problem for them.

❓ What conclusion can be drawn from this?

✅ Despite the seemingly huge resources of the Mēris botnet, which is able to send more than 200 RPS, its emphasis on quantity could not lead to significant success. This once again confirms that the disBalancer team, focusing on the quality of its cyberarmy, provides truly effective services.


A decentralized cybersecurity solution that performs stress testing to identify DDoS vulnerabilities and protect projects against fraudsters.
