19 November 2021

The Largest DDoS Attack in History Hit Russian Tech Company Yandex

On September 5, 2021, the Yandex search engine and the most visited website in the Russian-language segment of the Internet, yandex.ru, suffered a massive DDoS attack. It was so powerful that the company's representatives called it the largest in the history of the Internet.

It all started back in the summer, in June 2021.

At that time the company discovered that its servers were being attacked by a new botnet. It had tens of thousands of devices.

Remarkably, the company managed to quickly repel the attack, so users barely noticed anything, and their data was protected.

‘Our network infrastructure and spam filtering system were able to repel the attack. It didn't affect the functioning of the services in any way; the users' data were not affected,’ Yandex reported.

Later, experts found out that the botnet operates on compromised MikroTik devices. The company makes Wi-Fi routers, switches, and other devices.

The manufacturer has made an official statement, in effect admitting its guilt. The suggested remedy was to disable SOCKS. This may indeed help. But ordinary computer users are unlikely to know what DDoS, botnets, and SOCKS are, or how their devices could be involved in any illegal activity.

A botnet is a huge group of devices that are connected to one another over the internet. Basically, these are network devices.

From a technical point of view, Yandex's servers were subjected not to the longest attack, but to the most powerful one. Company representatives say that on September 5 they observed 21.8 million requests per second (RPS).

Earlier, in late August, this number had reached 10.9 million RPS, so the company was probably able to prepare in some way to repel the attack.

To date, the hackers' goals are unclear, but the fact that the largest Runet website was the target makes one wonder. If a data leak were to happen, attackers would be able to access the data of millions of users. Yandex is not just a search engine, but also a payment card service, a food delivery company, a taxi service, and the online shopping aggregator Yandex.Market.

Internet users had mixed reactions to the information about the DDoS attack on Yandex. Some don't understand the hackers' goals but express sincere admiration that the company was able to repel such a huge number of requests. In particular, an expressive comment on Reddit left by Russian-Doomer received a large number of likes.

It is naive to think that the attackers' purpose is to gain an indirect benefit, in particular by forcing the company's owners to pay to avoid further attacks. Companies at this level have the technical means to protect their interests and user data. Smaller companies may face significant difficulties. This was mentioned by the YouTube user Wheezy Backports.

Yandex managed to repel a powerful attack, and if the media had not spread this information, no one would have known about it. A smaller company would probably have had to face tremendous difficulties and stop serving customers for some time.

