Major Russian banks hit with DDoS attacks as Ukraine claims responsibility

Avatar

Several large Russian banks confirmed on Wednesday that they suffered distributed denial-of-service (DDoS) attacks that temporarily disrupted their mobile apps and websites, according to local media reports.

The Russian state-owned bank VTB told the state news agency TASS that due to the attack “planned from abroad,” its clients experienced problems using the bank’s online services.

The Russian Agricultural Bank told Russian media Izvestia that it was also hit by a DDoS attack on Tuesday, but its consequences were “minimal” as the bank implemented “a new enhanced system for combating attacks of this type.”

Russia’s privately-owned Gazprombank, the third largest in the country, said its clients experienced some difficulties when performing transactions in its app due to the attacks, but the problem was quickly fixed.

Other Russian banks reportedly affected by the attacks include Alfa Bank, Rosbank and Post Bank.

On Wednesday, Ukraine’s military intelligence (HUR) claimed responsibility for the DDoS campaign against the Russian banking sector. Speaking to Ukrainian media, an anonymous source at HUR said that the attacks also disrupted the operation of several Russian payment systems and large telecom operators, including Beeline, Megafon, Tele2 and Rostelecom.

This information couldn’t be independently verified. The HUR official claimed that the attack “is still ongoing and far from over.”

This is not the first time Ukraine’s intelligence has claimed to hack Russian enterprises, including banks and internet providers.

In an incident publicized in October, two groups of pro-Ukrainian hackers and Ukraine’s security service (SBU) claimed to have breached Russia’s largest private bank, Alfa-Bank. In January, attackers involved in the Alfa-Bank hack released data they claimed belonged to 30 million bank customers.

In another attack earlier this year, the pro-Ukrainian hacker group Blackjack, in cooperation with the SBU, said it breached a Moscow internet provider to seek revenge for a Russian cyberattack on Ukraine’s largest telecom company, Kyivstar.

Not all of the reports by Ukraine’s hackers or intelligence officials could be verified independently — Russia has typically either ignored or denied them, and DDoS attacks are typically easy to remediate. The latest DDoS campaign against banks, however, is one of the few cases where the attack had undeniable consequences, even though Russia said that the impact of the attacks was minimal.

CybercrimeGovernmentNewsNation-state
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

Bug in update checker blamed for CrowdStrike outages as Congress demands hearing

Next Post

Popular Hamster Kombat game has become ‘ripe for abuse’ by cybercriminals, researchers warn

Related Posts

CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart Install (SMI) feature with the aim of accessing sensitive data. The agency said it has seen adversaries "acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature." It also
Avatar
Read More

VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability

VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), concerns a case of heap-overflow vulnerability in the implementation of the DCE/RPC protocol. "A malicious actor with network access to vCenter Server may trigger this vulnerability by
Avatar
Read More

Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent

Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy Preserving Attribution (PPA) without explicitly seeking users' consent. "Contrary to its reassuring name, this technology allows Firefox to track user behavior on websites," noyb said
Avatar
Read More