Major Russian banks hit with DDoS attacks as Ukraine claims responsibility
Several large Russian banks confirmed on Wednesday that they suffered distributed denial-of-service (DDoS) attacks that temporarily disrupted their mobile apps and websites, according to local media reports.
The Russian state-owned bank VTB told the state news agency TASS that due to the attack “planned from abroad,” its clients experienced problems using the bank's online services.
The Russian Agricultural Bank told Russian media Izvestia that it was also hit by a DDoS attack on Tuesday, but its consequences were “minimal” as the bank implemented “a new enhanced system for combating attacks of this type.”
Russia’s privately-owned Gazprombank, the third largest in the country, said its clients experienced some difficulties when performing transactions in its app due to the attacks, but the problem was quickly fixed.
Other Russian banks reportedly affected by the attacks include Alfa Bank, Rosbank and Post Bank.
On Wednesday, Ukraine’s military intelligence (HUR) claimed responsibility for the DDoS campaign against the Russian banking sector. Speaking to Ukrainian media, an anonymous source at HUR said that the attacks also disrupted the operation of several Russian payment systems and large telecom operators, including Beeline, Megafon, Tele2 and Rostelecom.
This information couldn’t be independently verified. The HUR official claimed that the attack “is still ongoing and far from over.”
This is not the first time Ukraine’s intelligence has claimed to hack Russian enterprises, including banks and internet providers.
In an incident publicized in October, two groups of pro-Ukrainian hackers and Ukraine’s security service (SBU) claimed to have breached Russia's largest private bank, Alfa-Bank. In January, attackers involved in the Alfa-Bank hack released data they claimed belonged to 30 million bank customers.
In another attack earlier this year, the pro-Ukrainian hacker group Blackjack, in cooperation with the SBU, said it breached a Moscow internet provider to seek revenge for a Russian cyberattack on Ukraine’s largest telecom company, Kyivstar.
Not all of the reports by Ukraine’s hackers or intelligence officials could be verified independently — Russia has typically either ignored or denied them, and DDoS attacks are typically easy to remediate. The latest DDoS campaign against banks, however, is one of the few cases where the attack had undeniable consequences, even though Russia said that the impact of the attacks was minimal.
Daryna Antoniuk
is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.