Recently, it was reported that Yandex was hit by a massive DDoS attack from the Mēris botnet. The attack has been described as the most extensive in the history of DDoS attacks; however, the key details have not yet been made clear.
Yandex and Qrator Labs have since published a detailed write-up on Habr explaining what exactly happened. According to their study, the attack peaked at more than 20 million requests per second, and the Mēris botnet was behind it.
Yandex and Qrator have published some notable features of this DDoS attack, and we have summarized them below:
The story broke in Russian media when news of a huge DDoS attack hitting Yandex appeared. It has been described as the largest attack in the history of the Russian internet, also called the “RuNet.”
According to recent details from joint research by Yandex and Qrator Labs, which provides DDoS protection services, information collected from several attacks carried out by the new Mēris botnet showed a force of more than 30,000 devices.
The data collected by Yandex shows that the assaults on its servers relied on 56,000 attacking hosts. However, security experts have seen indications that there may be 250,000 compromised devices.
| Country | Hosts | % of global |
|---|---|---|
| United States of America | 139930 | 42.6% |
| China | 61994 | 18.9% |
| Brazil | 9244 | 2.8% |
| Indonesia | 7359 | 2.2% |
| India | 6767 | 2.1% |
| Hong Kong | 5225 | 1.6% |
| Japan | 4928 | 1.5% |
| Sweden | 4750 | 1.4% |
| South Africa | 4729 | 1.4% |

Here’s the history of attacks on Yandex:
Blacklists still have a place: these attacks are not spoofed, so the victim sees the attack origin exactly as it is. Blocking those sources would be sufficient to thwart the attack without disturbing legitimate end users.
Nobody knows how the owners of the Mēris botnet will act in the future. However, there is a fair probability that they could take advantage of the compromised devices by using one hundred percent of their capacity.
In such cases, the only option other than blocking every request is to stop answering pipelined requests. Pipelining can turn into a disaster if there is no DDoS mitigation in place at the targeted server.
With pipelining, the threat actors need fewer resources to reach the victim's RPS threshold, and it turns out that many were not ready for such a situation.
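The two mitigations described above, blocking the unspoofed source address and not answering pipelined requests, are shown together in this added Python example; it is not code from Yandex or Qrator Labs. The names `split_requests` and `PipelineGuard`, the 600-second block duration and the sample buffers are assumptions made for illustration.

```python
import time

BLOCK_SECONDS = 600  # assumed block duration, not a value from the article

def split_requests(buf):
    """Return the complete HTTP/1.1 requests found in one receive buffer."""
    requests = []
    while buf:
        head, sep, rest = buf.partition(b"\r\n\r\n")
        if not sep:
            break  # request head incomplete: wait for more data
        length = 0
        for line in head.split(b"\r\n")[1:]:
            name, _, value = line.partition(b":")
            if name.strip().lower() == b"content-length" and value.strip().isdigit():
                length = int(value.strip())
        if len(rest) < length:
            break  # body not fully received yet
        requests.append(head + sep + rest[:length])
        buf = rest[length:]
    return requests

class PipelineGuard:
    """Answer one request per read; temporarily block sources that pipeline."""
    def __init__(self, block_seconds=BLOCK_SECONDS, clock=time.monotonic):
        self.block_seconds = block_seconds
        self.clock = clock
        self.blocked_until = {}  # source IP -> time the block expires

    def is_blocked(self, ip):
        expiry = self.blocked_until.get(ip)
        if expiry is not None and self.clock() >= expiry:
            del self.blocked_until[ip]  # block has expired
            return False
        return expiry is not None

    def handle(self, ip, buf):
        """Return the requests to answer for this read (at most one)."""
        if self.is_blocked(ip):
            return []
        requests = split_requests(buf)
        if len(requests) > 1:  # pipelined burst: block the real source address
            self.blocked_until[ip] = self.clock() + self.block_seconds
        return requests[:1]

# Constructed sample buffers, not captured traffic.
SAMPLE_BURST = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n" * 3
SAMPLE_SINGLE = b"POST /a HTTP/1.1\r\nHost: example.test\r\nContent-Length: 4\r\n\r\nGET "
```

The block expires on its own, so an address that is later reassigned to a legitimate user is not locked out permanently.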