Yandex Suffers the Largest Cyberattack in Runet History

Over the weekend, Yandex was hit by a DDoS attack that is still ongoing. According to Vedomosti, the company described the hacker attack as the largest in the history of the Russian internet (Runet). The DDoS attack was confirmed by a high-ranking source at Yandex and by Cloudflare, an American company specializing in cyberattack mitigation that worked with Yandex. Experts managed to contain the attack, but it was a difficult process. An internal investigation is currently underway at Yandex.

“This is a threat to infrastructure on a national scale,” a source told the publication, but did not specify whether the company had contacted the FSB or the police.

An official Yandex representative stated that the hackers’ actions did not affect the operation of Yandex’s services and that user data was not compromised.

Details of the Attack

According to Vedomosti, there has been an increase in DDoS attacks on various companies in August and September. The attacks are being carried out using a new botnet that disguises itself as regular users. This botnet spreads through a vulnerability in device firmware and already includes up to hundreds of thousands of infected devices. In terms of requests per second, this botnet is breaking all previous records.

Experts interviewed by the publication believe that MikroTik equipment may have been used to organize the botnet.

Response from MikroTik

A MikroTik representative stated that a vulnerability had previously been discovered in their RouterOS operating system, but it was fixed in 2018. However, many devices are still running outdated software. MikroTik says they are not aware of any new vulnerabilities since the previously mentioned one was resolved. RouterOS is regularly reviewed by independent auditing companies.