18 May 2022 12:10

Specialists boost NashStore's protection after DDoS attack

MOSCOW. May 18 (Interfax) - Specialists have taken steps to enhance the protection of the NashStore application store, which came under DDoS attack on May 16, the day it was launched, NashStore said on Telegram on Wednesday.

"Our engineers have completed the work to strengthen the protection of our app store. The server architecture has been updated," it said.

The United States accounted for around 49% of the unauthorized traffic (over 7 million enquiries), France for 8.7%, the United Kingdom for 4.2%, Israel for 4%, and China for another 4%, it said. The target of the DDoS attack was the NashStore installation file download page.

The NashStore developers have said they detected attempts to guess a large number of passwords to elements of the server architecture and to destabilize the registration process by creating fake users.

"Up to one million bots were blocked in one hour during the peak," NashStore said.

Spam attacks were also staged on official mailboxes and auto registration on U.S. and Russian resources using the NashStore service's email.

"Now, with the updated server architecture, we are ready to repel even more serious attacks, at the same time maintaining a fully operational service," the developers said.

ANO Digital Platforms, the developer of the NashStore application store for Android, announced the launch of the app on May 16. However, users could not download it. The developer said that the reason was a powerful DDoS attack.

Currently, NashStore contains over 1,000 applications, including Banki.ru, Alfa-Bank, RN-Cart (Rosneft fuel card), RuTube, the Wink online cinema service, PSB Business, Sber-Market, Sovcombank, and others. There is no system for purchasing goods online in NashStore as of yet.

As Visa and Mastercard operations in Russia are suspended, it's impossible to make payments in Google Play and AppStore.