Russian internet giant Yandex has been targeted in a massive distributed denial-of-service (DDoS) attack that started last week and reportedly continues this week.
A report in Russian media says that the assault is the largest in the short history of the Russian internet, the RuNet, and that it was confirmed by a U.S.-based company.
RuNet is the Russian segment of the internet, created to function independently of the worldwide web. Its purpose is to maintain the unified country-wide communication infrastructure running in case of a cyber attack from a foreign adversary.
Services and data not impacted
According to Russian-language publication Vedomosti citing Yandex sources, the flux of attack data started to hit the company’s servers over the weekend.
A source for the publication said that Yandex had a hard time defending against the assault that carries into this week.
There are no details about the type of DDoS or its size but the Russian publication is saying that Cloudflare web infrastructure security company confirmed the “record scale of the cyberattack.”
To note, Yandex in partnership with Qrator Labs provides its customers a DDoS protection service for cloud resources.
Vedomosti says that its sources declined to provide more information on the attack because of an ongoing internal audit, but noted that the incident represents “a threat to infrastructure on a national scale.”
The Russian publication says that a Yandex spokesperson confirmed the DDoS attack and that the company’s network infrastructure managed to filter the unwanted requests, resulting in no impact on provided services or user data.
New botnet on the horizon
DDoS attacks are carried out by botnets, large collections of compromised internet-connected devices receiving commands from an administrator.
According to Alexander Lyamin, the CEO of Qrator Labs, quoted by Vedomosti, Yandex appears to have been targeted by a new botnet that harnesses the power of network equipment from a vendor in the Baltic region.
Yandex has yet to confirm this information, though. BleepingComputer has emailed both Yandex and Cloudflare for details about this attack and is currently awaiting a reply.
Two of the largest DDoS attacks publicly reported are a 2.3Tbps detected by Amazon Web Services Shield in the first quarter of 2020 and a 17 million requests per second assault mitigated by Cloudflare in July this year.
Update: Following the publication of this article, joint research from DDoS mitigation company Qrator Labs and Yandex revealed more details about the attack, naming a new botnet called Meris as the origin of the attack.