Major Russian banks hit with DDoS attacks as Ukraine claims responsibility

Avatar

Several large Russian banks confirmed on Wednesday that they suffered distributed denial-of-service (DDoS) attacks that temporarily disrupted their mobile apps and websites, according to local media reports.

The Russian state-owned bank VTB told the state news agency TASS that due to the attack “planned from abroad,” its clients experienced problems using the bank’s online services.

The Russian Agricultural Bank told Russian media Izvestia that it was also hit by a DDoS attack on Tuesday, but its consequences were “minimal” as the bank implemented “a new enhanced system for combating attacks of this type.”

Russia’s privately-owned Gazprombank, the third largest in the country, said its clients experienced some difficulties when performing transactions in its app due to the attacks, but the problem was quickly fixed.

Other Russian banks reportedly affected by the attacks include Alfa Bank, Rosbank and Post Bank.

On Wednesday, Ukraine’s military intelligence (HUR) claimed responsibility for the DDoS campaign against the Russian banking sector. Speaking to Ukrainian media, an anonymous source at HUR said that the attacks also disrupted the operation of several Russian payment systems and large telecom operators, including Beeline, Megafon, Tele2 and Rostelecom.

This information couldn’t be independently verified. The HUR official claimed that the attack “is still ongoing and far from over.”

This is not the first time Ukraine’s intelligence has claimed to hack Russian enterprises, including banks and internet providers.

In an incident publicized in October, two groups of pro-Ukrainian hackers and Ukraine’s security service (SBU) claimed to have breached Russia’s largest private bank, Alfa-Bank. In January, attackers involved in the Alfa-Bank hack released data they claimed belonged to 30 million bank customers.

In another attack earlier this year, the pro-Ukrainian hacker group Blackjack, in cooperation with the SBU, said it breached a Moscow internet provider to seek revenge for a Russian cyberattack on Ukraine’s largest telecom company, Kyivstar.

Not all of the reports by Ukraine’s hackers or intelligence officials could be verified independently — Russia has typically either ignored or denied them, and DDoS attacks are typically easy to remediate. The latest DDoS campaign against banks, however, is one of the few cases where the attack had undeniable consequences, even though Russia said that the impact of the attacks was minimal.

CybercrimeGovernmentNewsNation-state
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

Bug in update checker blamed for CrowdStrike outages as Congress demands hearing

Next Post

Popular Hamster Kombat game has become ‘ripe for abuse’ by cybercriminals, researchers warn

Related Posts

Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks

Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution. The vulnerabilities, discovered by JFrog, are part of a broader collection of 22 security shortcomings the supply chain security company first disclosed last month. Unlike the first
Avatar
Read More