Yandex is a local Internet giant in Russia, which operates a variety of services such as search engines, news sites, emails, web disks, and online payments.
A few days ago, the company was attacked by a new type of botnet. The botnet relied on HTTP pipe technology to initiate 21.8 million requests to Yandex every second.
An attack of this scale is difficult for most websites to resist. As for the purpose of this botnet’s attack, it is not clear for the time being, and the relevant parties have not spoken out.
As for the name of this botnet Mēris – meaning “Plague” in the Latvian language — a “botnet of a new kind.”, it is believed that the botnet may control a large number of routers in Latvia.
The little-known Mēris has not received widespread attention before, but the investigation found that this botnet even launched a large-scale attack on CloudFlare before.
Large-scale attacks can be launched because this botnet controls countless home routers. Hackers use known security vulnerabilities to invade home routers in Latvia.
The data that can be counted is that the attack launched by hackers on Yandex called 250,000 infected devices. However, hackers use HTTP pipeline technology, through which the local client can continue to send requests in multiple threads without receiving a response from the server.
As a result, Yandex suffers 21.8 million malicious visits per second, which leads to exhaustion of server resources and bandwidth, which seriously affects normal users’ use of Yandex services.
In the previous attacks against Cloudflare, the number of concurrent hackers was about 17.2 million requests per second. This time the attack on Yandex even surpassed Cloudflare.