Ukraine security services involved in hack of Russia’s largest private bank


Ukrainian hackers collaborated with the country’s security services, the SBU, to breach Russia’s largest private bank, a source within the department confirmed to Recorded Future News.

Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, hacked into Alfa-Bank and claimed to obtain the data of more than 30 million customers, including their names, dates of birth, account numbers, and phone numbers, according to a post on their official website.

Alfa-Bank was sanctioned by the United States following Russia’s invasion of Ukraine last year. The bank is owned by the Russian-Israeli billionaire Mikhail Fridman, who is blacklisted by the U.S. and Europe as part of efforts to impose restrictions on Russia’s economy and its wealthiest businessmen.

Hackers released some of the data online, including information about Fridman and his son, pro-Russian blogger Artemy Lebedev, and Russian rappers Timati and Basta. Alfa-Bank denied reports of the leak, according to Russian news agency TASS.

A source within Ukraine’s security service who requested anonymity because he is not authorized to speak publicly about the incident confirmed to Recorded Future News that the Ukrainian agency was involved in the operation, but did not provide further details.

This is not the first time Ukraine’s intelligence has collaborated with hacktivists. The head of cybersecurity at the Security Service of Ukraine, Illia Vitiuk, has said previously that documents leaked by Ukrainian hackers play a significant role in the country’s cyber intelligence efforts.

According to Vitiuk, the leaked data helps Ukraine to find out the Kremlin’s targets in Ukraine, how the enemy’s troops move, and how Russia avoids Western sanctions.

“Cyber intelligence helps us to obtain top-secret enemy documents,” Vitiuk said. “In the past, we had to recruit a spy in the enemy’s country to get this kind of material, which was risky and time-consuming.”

The hackers who broke into Alfa-Bank said they plan to share the obtained data with investigative journalists.

They also claim to have asked Ukrainian YouTube blogger and prankster Evgeniy Volnov to call Fridman and tell him about the hack. The hacktivists published the alleged conversation on their website, in which Fridman supposedly said that he could not do anything about the hack and hung up the phone.

Alfa-Bank didn’t respond to request for comment.

Previously, hackers from NLB claimed responsibility for a cyberattack on Russia’s MTS Bank and Russia’s largest state-owned bank, Sberbank.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Daryna Antoniuk
is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.


Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Spanish police arrest 34 alleged cybercriminals for scamming operation

Next Post

New York health network restores services after crippling cyberattack

Related Posts

New Intel CPU Vulnerability ‘Indirector’ Exposes Sensitive Data

Modern CPUs from Intel, including Raptor Lake and Alder Lake, have been found vulnerable to a new side-channel attack that could be exploited to leak sensitive information from the processors. The attack, codenamed Indirector by security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen, leverages shortcomings identified in Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB
Read More