Security News > 2021 > September > Mēris Botnet Hit Russia's Yandex With Massive 22 Million RPS DDoS Attack

Russian internet giant Yandex has been the target of a record-breaking distributed denial-of-service attack by a new botnet called M?ris.

The botnet is believed to have pummeled the company's web infrastructure with millions of HTTP requests, before hitting a peak of 21.8 million requests per second, dwarfing a recent botnet-powered attack that came to light last month, bombarding an unnamed Cloudflare customer in the financial industry with 17.2 million RPS. Russian DDoS mitigation service Qrator Labs, which disclosed details of the attack on Thursday, called M?ris - meaning "Plague" in the Latvian language - a "Botnet of a new kind."

"It is also clear that this particular botnet is still growing. There is a suggestion that the botnet could grow in force through password brute-forcing, although we tend to neglect that as a slight possibility. That looks like some vulnerability that was either kept secret before the massive campaign's start or sold on the black market," the researchers noted, adding M?ris "Can overwhelm almost any infrastructure, including some highly robust networks [] due to the enormous RPS power that it brings along."

The DDoS attacks leveraged a technique called HTTP pipelining that allows a client to open a connection to the server and make multiple requests without waiting for each response.

M?ris has also been linked to a number of DDoS attacks, including that mitigated by Cloudflare, noting the overlaps in "Durations and distributions across countries."

While it's highly recommended to upgrade MikroTik devices to the latest firmware to combat any potential botnet attacks, organizations are also advised to change their administration passwords to safeguard against brute-force attempts.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/ZkFAKWvtSPY/meris-botnet-hit-russias-yandex-with.html