Security News > 2021 > September > Yandex Pummeled by Potent Meris DDoS Botnet
Technical details tied to a record-breaking distributed-denial-of-service attack against Russian internet behemoth Yandex are surfacing as the digital dust settles.
Attackers, according to Qrator Labs, exploited a 2018 bug unpatched in more than 56,000 MikroTik hosts involved in the DDoS attack.
According to Qrator, the Mēris botnet delivered the largest attack against Yandex it has ever spotted - peaking at 21.8 million requests per second.
Researchers have linked Mēris to the August 19 DDoS attack tracked by Cloudflare.
The Yandex attacks occurred between August 29 through September 5 - when the 28.1 million RPS attack occurred.
Qrato recent analysis of the DDoS attack revealed that the compromised hosts each had open ports 2000 and 5678.
News URL
https://threatpost.com/yandex-meris-botnet/169368/
Related news
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
- Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Devices (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Mirai botnet behind the largest DDoS attack to date (source)
- New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks (source)