Ukrainian hacktivists claim attack on popular Russian CRM provider

A group of politically motivated Ukrainian hackers claimed they disrupted the operations of Bitrix24, a Russian provider of customer relationship management (CRM) services.

“This means war sponsors like Rosneft are facing huge operational issues with their clients, just like over 40% of CRM system users in the aggressor country,” the IT Army of Ukraine said on Wednesday in a statement on Telegram. Rosneft is a Russian state-controlled energy company.

Bitrix24 hasn't officially confirmed the incident, but its website indicates that on Wednesday, its servers in Russia, Belarus, and Kazakhstan experienced "a temporary failure." The company blamed the disruption on network connectivity issues and said that it is working to resolve the problem. The server's availability status hasn't been updated yet.

Bitrix24 says it runs 16 data centers in different countries, including Germany and the U.S. Its services seemed to be down on Thursday only in certain Eastern European regions. The company hasn't responded to a request for comment at the time of writing.

Ukraine’s IT Army told Recorded Future News that it hit Bitrix24’s systems with a distributed denial-of-service (DDoS) attack. It was mainly aimed at the infrastructure that supports the company's operations, including data centers and internal services, according to the hackers.

“Our goal was to not only stop services for customers but also to disrupt the work of Bitrix employees,” said IT Army’s spokesperson.

On Thursday, the IT Army said that Bitrix24 was still down after the attack. The group said in a comment that it is still trying to sustain the attack.

The company’s customers turned to its official Telegram channel to complain about disruptions. Some users said they could not receive calls and messages, while others complained about the availability of Bitrix24’s cloud services.

“Failures like these damage the service's reputation and make us reconsider using it, as we suffer losses in such situations,” one of the customers said.

In response to these comments, the company said that its specialists "are currently working to resolve problems with the availability of some of its services."

Bitrix24 is one of the most popular CRM systems for Russian medium and small businesses. It offers services similar to Western brands such as HubSpot and Zoho. On its LinkedIn page, the company claims that it also serves customers from Fortune 500 companies, including Xerox, Samsung, Volkswagen, KIA, Gazprom, Vogue and PC Magazine.

Bitrix24’s parent company, 1C-Bitrix, is headquartered in Russia. The company also lists main offices in Virginia in the U.S. and in Cyprus. A co-founder said in an interview in 2020 that Bitrix24’s revenues abroad are comparable to Russian ones.

Before Russia’s invasion, Ukraine relied heavily on Russian CRM systems, including Bitrix24. Nearly 10,000 businesses used it before the company exited the Ukrainian market earlier this year. Bitrix24 is now sanctioned in the country.