Ukrainian bank's service for military donations targeted by ‘massive’ DDoS attack

Hackers targeted one of Ukraine’s most popular online banks with a massive distributed denial-of-service (DDoS) attack, primarily focusing on a service used by Ukrainians to raise donations for the military.

According to Monobank CEO Oleh Horokhovskyi, the attack lasted from Friday evening to Monday morning, reaching a total volume of 7.5 billion requests per second. Horokhovskyi described the scale of the attack as "untypical."

He said the incident didn’t affect the bank’s operations but noted that the company worked with Ukraine’s security services and specialists from U.S.-based cloud computing company Amazon Web Services to mitigate the flood of junk internet traffic.

During a previous DDoS incident in January, Monobank was hit with 580 million junk service requests over three days. The bank only serves customers through a mobile app, making it an attractive target for hackers.

The goal of the latest attack, according to Horokhovskyi, was to disrupt the service that Ukrainians often rely on to raise donations for the country’s armed forces. This service has made donations relatively simple for users — all they have to do is create a virtual wallet and share it directly to their Instagram story for others to contribute.

Horokhovskyi said that since Ukraine launched its surprise cross-border incursion into Russia’s Kursk, Monobank customers have started raising donations three times faster than before.

The "non-stop" donations through the platform over the past three years likely annoyed the enemies, prompting them to attempt to hack the service "at any cost," he added.

Monobank suggested Russia was likely behind the attack but didn’t provide any evidence. Horokhovskyi previously called the bank "one of the most attacked" IT targets in Ukraine.

Another Ukrainian service — EasyWay, which provides information about public transport throughout Ukraine — said on Monday that it was targeted by a DDoS attack, warning that it could affect its operations. EasyWay didn’t attribute the attack to a specific hacker group.

Russian services, meanwhile, are also suffering from DDoS attacks, which often originate from Ukraine. Earlier this month, unnamed hackers targeted government and business websites, as well as critical infrastructure services in Russia’s Kursk region, following Ukraine’s incursion.

In July, several large Russian banks confirmed they suffered DDoS attacks supposedly “planned from abroad” that temporarily disrupted their mobile apps and websites.