Summary: Several major Russian banks experienced distributed denial-of-service (DDoS) attacks that disrupted their online services, with Ukraine’s military intelligence claiming responsibility for the campaign. The attacks affected multiple banks and telecom operators, although the extent of the disruption varied among the victims.
Threat Actor: Ukraine’s military intelligence (HUR) | HUR
Victim: Russian banks | Russian banks
Key Point :
- Several large Russian banks, including VTB and Gazprombank, reported DDoS attacks that affected their mobile apps and websites.
- Ukraine’s military intelligence claimed the attacks were part of an ongoing campaign against the Russian banking sector and telecom operators.
- Previous incidents of cyberattacks by pro-Ukrainian groups against Russian entities have been reported, but the impact of this DDoS campaign was notably acknowledged.
Several large Russian banks confirmed on Wednesday that they suffered distributed denial-of-service (DDoS) attacks that temporarily disrupted their mobile apps and websites, according to local media reports.
The Russian state-owned bank VTB told the state news agency TASS that due to the attack “planned from abroad,” its clients experienced problems using the bank’s online services.
The Russian Agricultural Bank told Russian media Izvestia that it was also hit by a DDoS attack on Tuesday, but its consequences were “minimal” as the bank implemented “a new enhanced system for combating attacks of this type.”
Russia’s privately-owned Gazprombank, the third largest in the country, said its clients experienced some difficulties when performing transactions in its app due to the attacks, but the problem was quickly fixed.
Other Russian banks reportedly affected by the attacks include Alfa Bank, Rosbank and Post Bank.
On Wednesday, Ukraine’s military intelligence (HUR) claimed responsibility for the DDoS campaign against the Russian banking sector. Speaking to Ukrainian media, an anonymous source at HUR said that the attacks also disrupted the operation of several Russian payment systems and large telecom operators, including Beeline, Megafon, Tele2 and Rostelecom.
This information couldn’t be independently verified. The HUR official claimed that the attack “is still ongoing and far from over.”
This is not the first time Ukraine’s intelligence has claimed to hack Russian enterprises, including banks and internet providers.
In an incident publicized in October, two groups of pro-Ukrainian hackers and Ukraine’s security service (SBU) claimed to have breached Russia’s largest private bank, Alfa-Bank. In January, attackers involved in the Alfa-Bank hack released data they claimed belonged to 30 million bank customers.
In another attack earlier this year, the pro-Ukrainian hacker group Blackjack, in cooperation with the SBU, said it breached a Moscow internet provider to seek revenge for a Russian cyberattack on Ukraine’s largest telecom company, Kyivstar.
Not all of the reports by Ukraine’s hackers or intelligence officials could be verified independently — Russia has typically either ignored or denied them, and DDoS attacks are typically easy to remediate. The latest DDoS campaign against banks, however, is one of the few cases where the attack had undeniable consequences, even though Russia said that the impact of the attacks was minimal.
Recorded Future
Intelligence Cloud.
Source: https://therecord.media/major-russian-banks-ddos-attack-ukraine