Security News > 2021 > September > Yandex Pummeled by Potent Meris DDoS Botnet
Technical details tied to a record-breaking distributed-denial-of-service attack against Russian internet behemoth Yandex are surfacing as the digital dust settles.
Attackers, according to Qrator Labs, exploited a 2018 bug unpatched in more than 56,000 MikroTik hosts involved in the DDoS attack.
According to Qrator, the Mēris botnet delivered the largest attack against Yandex it has ever spotted - peaking at 21.8 million requests per second.
Researchers have linked Mēris to the August 19 DDoS attack tracked by Cloudflare.
The Yandex attacks occurred between August 29 through September 5 - when the 28.1 million RPS attack occurred.
Qrato recent analysis of the DDoS attack revealed that the compromised hosts each had open ports 2000 and 5678.