Megafon announced a new hacker attack tactic

Despite the decrease in the number of recorded cases of hacker attacks, their speed and capacity have increased significantly. This was reported by Megafon's DDoS protection specialists.

Thus, in the first six months of 2025, the number of incidents among users using Megafon protection decreased by 45% compared to the same period last year. On average, an attack lasts one hour and 45 minutes, which is 18% less year on year. The longest attack of this half—year lasted almost three days, and a year earlier - more than five days, the company said.

At the same time, the average attack capacity (Gbps) increased by 18%, the operator's analysts noted. Last year's record was repeated this year — 710 Gbps. The speed indicators have also increased significantly. Previously, attackers tried to carry out slow attacks to disguise them as a normal stream of traffic, but now the average rate has increased by 39%. The most powerful attack on Megafon's customers doubled to 72,210 Kpps.

"Attackers use different types of combinations of attack parameters, trying to influence the effectiveness in this way," said Natalia Taldykina, Director of Corporate Business Development at Megafon. According to her, hackers adapt their strategies based on the response of security systems, and the larger and more diverse the traffic, the more difficult it is to filter it.

The fact that a large proportion of attacks are recorded in the current half of the year, exceeding the figures of previous years, is due to several factors, Taldykina stressed. Among them is an increase in the traffic and speed of Internet consumption by users in general, as well as greater availability of botnets and an increase in the efficiency of load distribution between them. In addition, this is due to sending various requests that force servers to respond with large amounts of data, Megafon said.