Meduza

Meduza is a Russian‑language independent media outlet that publishes news, analysis and investigative reporting primarily through its website and associated digital channels. Headquartered in Latvia, the outlet serves a global audience of Russian‑speaking readers who seek coverage of domestic and international events that is not subject to state editorial control. Its core product is a continuously updated online news portal, which is supplemented by mirror servers that replicate the site to maintain accessibility during access disruptions. Additional distribution channels include a mobile application, email newsletters and a presence on the Telegram messaging platform. Financial sustainability is achieved through voluntary reader contributions collected via a crowdfunding platform that funds the outlet’s operational and editorial activities.

The outlet’s operational scale is evident from the technical measures it employs to counter disruptions, such as maintaining multiple mirror servers that are routinely blocked by attackers at intervals of ten to twenty minutes. During the cyberattack campaign observed in February 2024, attackers generated distributed denial‑of‑service traffic that spiked to roughly two hundred times the outlet’s normal level, indicating the volume of legitimate traffic the site typically handles. The same campaign involved fraudulent transactions aimed at the crowdfunding infrastructure, attempting to siphon funds and undermine the outlet’s financial support base. Attackers also engaged in phishing and credential‑reset attempts targeting journalists’ accounts, seeking to gain unauthorized access to editorial systems. Concurrently, automated bot activity flooded communication channels—including Telegram subscriptions, email newsletters and app reviews—with disruptive content designed to degrade user experience and sow confusion.

These coordinated actions have been attributed to Russian state‑aligned actors and are interpreted as part of a broader effort to impede independent reporting and impose information restrictions ahead of national elections. Meduza’s reliance on a reader‑funded crowdfunding model distinguishes it from advertising‑driven or state‑supported media outlets, providing a degree of editorial autonomy that is reflected in its investigative output. The outlet’s need to maintain mirror servers and absorb massive DDoS spikes highlights its investment in technical resilience and redundancy to preserve service availability under sustained pressure. Experience with multi‑vector cyber operations—combining traffic overload, credential harassment and automated bot flooding—has required the organization to develop specialized defensive capabilities and incident response procedures. Consequently, Meduza occupies a distinctive niche as an independent Russian‑language news provider that operates from a jurisdictional base outside Russia while confronting sophisticated, state‑linked cyber threats aimed at silencing its voice.