Mēris Botnet Goes Global

The Russian Internet giant Yandex has been the target of a record-breaking Distributed Denial-of-Service (DDoS) attack by a botnet known as Mēris. The botnet is believed to have attacked the company's web infrastructure with millions of HTTP requests, before hitting a peak of 21.8 million requests per second.

The Mēris botnet, which has been seen since June 2021, is made up of around 250K malware-infected devices and is behind some of the largest recent DDoS attacks.

For the last five years, there have been virtually no global-scale application-layer attacks, and during this period cyber security professionals have learned how to cope with high-bandwidth network-layer attacks, including amplification-based ones.

Mēris (the Latvian word for “plague”) has been primarily used as part of a DDoS extortion campaign against Internet service providers and financial entities across several countries, such as the UK, the US, New Zealand and now Russia. What has been confirmed about the Mēris botnet is that it uses HTTP pipelining for DDoS attacks. Researchers have linked Mēris to a DDoS attack in August tracked by Cloudflare.
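HTTP pipelining means a client sends several requests on one connection without waiting for each response, so pipeline depth per connection is a signal a defender can measure. The following is an added example, not code from this article or its sources: it counts complete requests in the bytes a client sent before the server had replied. The function names, the sample buffers and the depth threshold of 4 are assumptions made for illustration.

```python
import re

# Request line of an HTTP/1.x request, e.g. b"GET /index.html HTTP/1.1"
REQUEST_LINE = re.compile(rb"^[A-Z]+ \S+ HTTP/1\.[01]$")


def count_pipelined_requests(buf: bytes) -> int:
    """Count complete HTTP/1.x requests in bytes a client sent on one
    connection before the server had written any response."""
    count, pos = 0, 0
    while True:
        end = buf.find(b"\r\n\r\n", pos)
        if end == -1:
            break  # header block incomplete: stop, do not guess
        lines = buf[pos:end].split(b"\r\n")
        if not REQUEST_LINE.match(lines[0]):
            break  # not HTTP, or parser lost sync: stop counting
        body_len = 0
        for header in lines[1:]:
            name, _, value = header.partition(b":")
            if name.strip().lower() == b"content-length":
                if not value.strip().isdigit():
                    return count  # malformed length: stop here
                body_len = int(value.strip())
        pos = end + 4 + body_len  # skip the body so it is never parsed as a request
        if pos > len(buf):
            break  # body not fully received yet
        count += 1
    return count


def flag_deep_pipelines(connections: dict, max_depth: int = 4) -> list:
    """Return connection ids whose pipeline depth exceeds max_depth
    (the threshold is an assumed value; tune it to real traffic)."""
    return sorted(cid for cid, buf in connections.items()
                  if count_pipelined_requests(buf) > max_depth)


# Constructed sample buffers (documentation addresses, not real traffic).
GET = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
POST = (b"POST /login HTTP/1.1\r\nHost: example.test\r\n"
        b"Content-Length: 5\r\n\r\nhello")
SAMPLE = {
    "198.51.100.7:40112": GET * 32,                     # deep pipeline
    "203.0.113.20:51844": GET + POST,                   # two requests
    "203.0.113.21:50001": b"GET / HTTP/1.1\r\nHost: exa",  # partial request
}

if __name__ == "__main__":
    for cid, buf in SAMPLE.items():
        print(cid, count_pipelined_requests(buf))
    print("flagged:", flag_deep_pipelines(SAMPLE))
```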

The group behind the botnet typically sends menacing emails to large companies asking for a ransom payment. The emails, which target companies with extensive online infrastructure and which can’t afford any downtime, contain threats to take down crucial servers if the group is not paid a certain amount of crypto-currency by a deadline.

If victims don’t pay, the hackers unleash their botnet in smaller attacks at the beginning that substantially grow in size with time in order to put pressure on the victims.

The biggest contributor to the IoT botnet problem is the plethora of companies white-labelling IoT devices that were never designed with security in mind and are often shipped to the customer in default-insecure states, mainly because these devices tend to be far cheaper than more secure alternatives. There is a suggestion that the botnet could grow in force through password brute-forcing, which looks like some vulnerability that was either kept secret before the current massive campaign began or sold on the black market.

Sources: The Record, Gigazine, Brian Krebs, Qrator, Threatpost, Mikrotik, Hacker News
