Yandex, a Russia-based technology and search engine giant, has confirmed that its servers were targeted with cyber history’s largest DDoS attack last week.
In its blog post published on 9 September, Yandex revealed that the company discovered a powerful new network of botnets that have carried out DDoS attacks not just against Runet, Russia’s version of the World Wide Web to maintain unified nationwide communications against cyberattack, but in various other countries.
“This is just one of many attacks aimed not only at Yandex but also at many other companies in the world. The attacks have been going on for several weeks, their scale is unprecedented, and their source is a new botnet about which little is known so far,” Yandex said in its official blog post.
The Massive Scale of the Attack
Yandex stated that the attack was a massive one as its IT experts had to deal with nearly 22 million requests per second (RPS), making it the “biggest known attack in the history of the internet.”
“Our specialists really managed to repel a record attack of more than 20 million RPS – this is the largest attack known in the history of the Internet,” Yandex revealed.
The company explained that the attack started in late August and peaked on September 5th. For your information, in a DDoS attack (Distributed Denial of Service attacks), the traffic of a targeted network or server is disrupted by an exorbitantly high number of requests.
Was it Really the World’s Largest Ever DDoS Attack?
According to Russian publication Vedomosti, the attack’s scale was although not confirmed by Cloudflare, a web infrastructure security firm. Still, going by its earlier record, it is indeed the largest ever attack noted so.
Cloudflare reported in August that the largest DDoS attack it had observed so far reached 17.2 million RPS, which was recorded earlier in 2021. Thus, we can assume that Yandex did indeed receive the largest DDoS attack in the internet’s history as it received over 20 million RPS.
The publication claims that the attack started over the weekend, and the tech firm was finding it difficult to repeal the series of attacks. Though the publication didn’t share details about the type of DDoS, it noted that Cloudflare states it is the “record scale of the cyberattack.”
About the New Botnet
Though there hasn’t been an official confirmation on the new botnet, DDoS-filtering service Qrator Labs’ CEO, Alexander Lyamin, stated that the new botnet called Mēris attacking Yandex is developed on the network equipment of a “very popular vendor from the Baltic States.”
Moreover, Lyamin revealed that the botnet spreads via a firmware vulnerability and has already gathered hundreds of thousands of infected devices.
Qrator Labs collaborated with Yandex to address the attack. They noted that the devices in the botnet weren’t typical IoT machines connected to a WiFi network but high-performance devices connected via an Ethernet connection.
“Qrator Labs observed 30,000 hosts in individual attacks, we at Yandex collected data on 56,000 attacking devices. But we assume that the true number is significantly larger – probably more than 200,000 devices,” Qrator wrote in its blog post.