A Brief History of the Meris Botnet

Meris is an active botnet responsible for a series of recent DDoS attacks that have targeted thousands of websites worldwide. The Meris botnet exploits a vulnerability in the RouterOS operating system used by MikroTik's routers and networking hardware, allowing attackers to gain unauthenticated remote access. Since its appearance, Cloudflare has been tracking and analyzing the activity of the Meris botnet, with more than 33% of all Meris DDoS attack traffic targeting China-based websites. Cloudflare's DDoS protection systems automatically detect and mitigate Meris attacks, protecting customers on both free and paid plans.