Major Russian banks hit with DDoS attacks as Ukraine claims responsibility

Avatar

Several large Russian banks confirmed on Wednesday that they suffered distributed denial-of-service (DDoS) attacks that temporarily disrupted their mobile apps and websites, according to local media reports.

The Russian state-owned bank VTB told the state news agency TASS that due to the attack “planned from abroad,” its clients experienced problems using the bank’s online services.

The Russian Agricultural Bank told Russian media Izvestia that it was also hit by a DDoS attack on Tuesday, but its consequences were “minimal” as the bank implemented “a new enhanced system for combating attacks of this type.”

Russia’s privately-owned Gazprombank, the third largest in the country, said its clients experienced some difficulties when performing transactions in its app due to the attacks, but the problem was quickly fixed.

Other Russian banks reportedly affected by the attacks include Alfa Bank, Rosbank and Post Bank.

On Wednesday, Ukraine’s military intelligence (HUR) claimed responsibility for the DDoS campaign against the Russian banking sector. Speaking to Ukrainian media, an anonymous source at HUR said that the attacks also disrupted the operation of several Russian payment systems and large telecom operators, including Beeline, Megafon, Tele2 and Rostelecom.

This information couldn’t be independently verified. The HUR official claimed that the attack “is still ongoing and far from over.”

This is not the first time Ukraine’s intelligence has claimed to hack Russian enterprises, including banks and internet providers.

In an incident publicized in October, two groups of pro-Ukrainian hackers and Ukraine’s security service (SBU) claimed to have breached Russia’s largest private bank, Alfa-Bank. In January, attackers involved in the Alfa-Bank hack released data they claimed belonged to 30 million bank customers.

In another attack earlier this year, the pro-Ukrainian hacker group Blackjack, in cooperation with the SBU, said it breached a Moscow internet provider to seek revenge for a Russian cyberattack on Ukraine’s largest telecom company, Kyivstar.

Not all of the reports by Ukraine’s hackers or intelligence officials could be verified independently — Russia has typically either ignored or denied them, and DDoS attacks are typically easy to remediate. The latest DDoS campaign against banks, however, is one of the few cases where the attack had undeniable consequences, even though Russia said that the impact of the attacks was minimal.

CybercrimeGovernmentNewsNation-state
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

Bug in update checker blamed for CrowdStrike outages as Congress demands hearing

Next Post

Popular Hamster Kombat game has become ‘ripe for abuse’ by cybercriminals, researchers warn

Related Posts

5 Steps to Boost Detection and Response in a Multi-Layered Cloud

The link between detection and response (DR) practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies have largely focused on "shift-left" practices—securing code, ensuring proper cloud posture, and fixing misconfigurations. However, this approach has led to an over-reliance on a multitude of DR tools spanning
Avatar
Read More

Social Media Accounts: The Weak Link in Organizational SaaS Security

Social media accounts help shape a brand’s identity and reputation. These public forums engage directly with customers as they are a hub to connect, share content and answer questions. However, despite the high profile role these accounts have, many organizations overlook social media account security. Many lack the safeguards to prevent unauthorized access — a situation no organization wants as
Avatar
Read More