Ransomware Attack at Russian Medical Laboratory

July 18, 2023

Customers of the Russian medical laboratory Helix have been unable to receive their test results for several days due to a “serious” cyberattack that crippled the company’s systems over the weekend. According to a statement the lab issued Monday, hackers attempted to infect the company’s systems with ransomware.

read more

Ukrainian Hacktivists Temporarily Disabled Internet Services in some Russia Occupied Territories

October 27, 2023

Ukrainian hackers have temporarily disabled internet services in parts of the country’s territories that have been occupied by Russia. The group of cyber activists known as the IT Army said on Telegram that their distributed denial-of-service (DDoS) attack took down three Russian internet providers — Miranda-media, Krimtelekom, and MirTelekom — operating in the territories.

Early on Friday, Russian internet operators confirmed that they had experienced an “unprecedented level of DDoS attacks from Ukrainian hacker groups,” temporarily disrupting their operations. The attack affected services such as cellular networks, phone calls, and internet connections.

read more

Russian Railways Website Suffers DoDDS Cyberattacks

February 26, 2023

The Russian Railways website has suffered serious cyber attacks. The portal may experience disruptions, the company’s press service warned about this on February 26. “Our website is subject to regular, serious DDoS attacks. <…> The official mobile application of Russian Railways works normally. We are also increasing the number of operating ticket offices at stations so that all our passengers have the opportunity to buy tickets,” says a message published by Russian Railways on Telegram.

read more

Russian RZD Railway Cyberattack Disrupts Online Ticket Sales

July 5, 2023

The Russian state-owned railway company RZD said Wednesday that its website and mobile app were down for several hours due to a “massive” cyberattack, forcing passengers to only buy tickets at railway stations. RZD’s system was down for at least six hours, but the company said later on Wednesday that it had restored its operation despite ongoing attacks. Some of the company’s online services are still unavailable due to the increased load, RZD said.

read more

Russian Medical Lab Helix Hit by Ransomware Attack

July 8, 2023

Customers of the Russian medical laboratory Helix have been unable to receive their test results for several days due to a “serious” cyberattack that crippled the company’s systems over the weekend. Hackers attempted to infect the company’s systems with ransomware. The company told Russian state-owned news agency Tass that its tech team partially restored the functionality of its website, mobile app and other e-health services without paying a ransom.

No customer personal data was leaked. Service disruptions prevented the company from delivering medical test results to its customers on time. Helix did not respond to a request for comment. It is unclear which group is responsible.

read more

DoDDS Attack at Russian Flight Booking System, Leonardo, Disrupts Airport Operations

September 28, 2023

A Russian flight booking system was hit by a cyberattack on Thursday, causing delays at airports. The incident lasted about an hour and affected the operation of several Leonardo customers, including Russian air carriers Rossiya Airlines, Pobeda and flagship airline Aeroflot. DDoS attacks overwhelm websites with a flood of traffic, making them temporarily unavailable to users.

Leonardo is used by more than 50 Russian carriers and serves around 45 million passengers annually, according to the Russian news agency Interfax.

read more

Russian Natural Gas Network System Attacked by pro-Ukrainian Hacker Group

August 23, 2022

A SCADA attack targeted the natural gas system of Khanty-Mansiysk city. The attack destroyed the city’s natural gas facility, knocked out its power plant and caused a blackout at its airport, reports International Business Times. As the world’s second biggest oil producing region (before western sanctions hit Russian oil) Khanty Mansi was the center of the old Soviet oil industry. The SCADA system of Khanty-Mansiysk city’s natural gas network along with its backup system at the airport was completely destroyed in the attack.

Reportedly the pro-Ukrainian group: Team OneFist is behind the attack. The group stressed they observe the rules of war and had taken steps to avoid potential damage to hospitals and civilians. And said that the latest hack was launched by Team OneFist’s new Ukrainian team members and Voltage as a “joint training-mission” to give the new members “a feel of what a SCADA attack is like.”

read more

Satellite Communications System Serving the Russian military Knocked Offline

June 30, 2023

A group of previously unknown hackers has claimed responsibility for a cyberattack on the Russian satellite communications provider Dozor-Teleport, which is used by energy companies and the country’s defense and security services.

Doug Madory, the head of internet analysis at the network monitoring company Kentik confirmed to Record Future News that Dozor-Teleport has been disconnected from the internet and is currently unreachable. Dozor’s parent company, Amtel Svyaz, also suffered a significant outage late on Wednesday, according to Madory.

The hackers claim that they damaged some of the satellite terminals and leaked and destroyed confidential information stored on the company’s servers. The group posted 700 files, including documents and images, to a leak site, as well as some to their newly created Telegram channel.

The group claims to be affiliated with the notorious Wagner Grouphackers. There was no mention of the hack on the official Telegram channel of the Wagner Group and several experts expressed skepticism that the group was involved.

Dozor did not respond to inquiries about the attack.

read more

Pro-Ukrainian Hacktivist Groups Claim Disabling over 1000 Network Routers in Russia

January 15, 2023

The pro-Ukraine hacktivist group TeamOneFist and RoughSec conducted the operation “Turn Ruzzia Off” and claim it demolished or disabled some 1,260 network routers in 48 hours.

The operations combined 3 missions to attack Rostelecom and Beeline ISPs with the objective of creating Internet and VoIP phone outages across all of Russia in government buildings, military facilities and Oligarch homes. The goal of the attack was to cripple Russian war logistics and slow down the Russian process of reinforcing their army in Ukraine.

read more

Novosibirsk Transportation System Attacked by pro-Ukranian Hacker Group

September 2, 2022

Pro-Ukrainian hacktivist collective Team OneFist, allegedly created with the help of the IT Army of Ukraine, attacked the Novosibirsk City Transport Traffic Management System in Operation Yellow Submarine beginning at September 2nd, 2022. OneFist’s founder, named “Voltage” (@SpoogemanGhost), claimed that the operation was “long-planned” and that the IT infrastructure had been breached about a month before the attack.

Due to the attack, city transportation officials were unable to have visibility over traffic conditions and coordinate their flows. The automated bus scheduling system as well as the electronic signs on buses and trolleys were damaged to hamper quick restoration and recovery. Voltage also explained that the attack paralyzed the city and the traffic problems remained for several days until the system was restored, forcing many commuters to walk. During the attack, Team OneFist downloaded the data and was in the process of deleting data when the Russian officials mitigated the damage by removing access to the system.

read more