5 comments

[ 2.9 ms ] story [ 25.6 ms ] thread
Dumb guy question:

Did they search for MikroTik because it is easy to search for and has some history of vulnerabilities?

They did a Shodan-style search on the IPs they believed were involved in the attack and determined they were Mikrotik routers.
> Indeed, a great part of these IPs are known as MikroTik Routers

I wonder why they decided not to include the exact percentage of the attack coming from Mikrotik devices or a list of the top 10 vendors and their share.

Like, did Mikrotik generate 50% of the high packet rate DDoS? Or was it like 10% coming from Microtik, 10% from major vendors and 80% of others/unknown?