Pro-Ukrainian hackers claim attack on Russian cyber company

Avatar

A pro-Ukrainian hacker group, known as Cyber Anarchy Squad, claimed it hacked the Russian information security firm Avanpost and leaked a trove of its data.

The hackers said over the weekend that they encrypted over 400 virtual machines running Linux or Windows and most of the physical workstations of the company’s employees. The group also reportedly destroyed more than 60 terabytes of data and leaked 390 gigabytes of “valuable information.”

Avanpost has been operating in Russia for 15 years, developing authorization and authentication systems for local businesses.

The company confirmed the incident on Sunday, saying that the company’s infrastructure was hit by a “serious cyberattack.” They didn’t provide details of how serious the damage was or what data — if any — was leaked.

“Our top priority is our customers’ data. We take all possible measures to protect and restore our information systems,” the company said.

Avanpost advised its customers, which include Russian airports, a large water supply company and telecom service providers, to update their identification data and change passwords “as a precaution.” The company also asked not to trust “rumors” and only rely on official information.

It is not clear how the hackers got into Avanpost’s system, what tools they used, and what kind of data was leaked.

Cyber Anarchy Squad shared some of the allegedly leaked data on Telegram and the file hosting service Mega. They also posted screenshots of what they claim to be a group chat of Avanpost employees discussing the hack. The authenticity of this data couldn’t be independently verified.

Pro-Ukraine hackers have claimed attacks on Russian companies before, but on rare occasions are these incidents confirmed.

Last June, Cyber Anarchy Squad hit a Russian internet and telecommunications company, Infotel, used mostly by banks and online stores, with a “massive” cyberattack. Infotel confirmed the attack, saying that the hackers damaged its network equipment.

Earlier in October, Russian security services detained an 18-year-old student for reportedly working for Cyber Anarchy Squad and carrying out cyberattacks on local authorities and universities.

The group hasn’t directly confirmed the attribution but commented on the article, saying that the mentioned student “is doing more” than the majority of Russians.

CybercrimeIndustryNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk

is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 

Total
0
Shares
Previous Post

State Department: UN cybercrime treaty must include human rights protections

Next Post

Influence actors expected to adjust tactics amid chaotic election cycle, intel official says

Related Posts

Inside Iran’s Cyber Playbook: AI, Fake Hosting, and Psychological Warfare

U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer Olympics and compromising a French commercial dynamic display provider to show messages denouncing Israel's participation in the sporting event. The activity has been pinned on an entity that's known as Emennet Pasargad, which the agencies said has been operating
Avatar
Read More