List of Proxy IPs Used by Killnet, Released
The List of over 17,000 IP Addresses Can Be Used by Organizations for Protection Against DDoS Attacks.
Cybersecurity researchers published a list of proxy IP addresses used by the pro-Russian group Killnet to neutralize its attacks. The list, which contains over 17,746 IPs, was disclosed by SecurityScorecard researchers.
Since March 2022, the Killnet group has launched DDoS attacks against governments and key infrastructure in nations that have shown support for Ukraine, including Italy, Romania, Moldova, the Czech Republic, Lithuania, Norway, and Latvia.
The Dutch National Cyber Security Centre (NCSC) announced earlier this month that the websites of many hospitals in the Netherlands and Europe had been targeted by DDoS attacks carried out by the group Killnet.
Because of their support for Ukraine, the group of hackers launched an offensive on hospitals in European countries.
Hospitals in the United Kingdom, Germany, Poland, Scandinavia, and the United States were also attacked by the hackers. As per Security Affairs, the attacks were revealed on the group’s Telegram channel last week, when the group also issued a call to arms against the US government’s healthcare system.
The List Contains over 17,000 IP Addresses
There are about 17,746 IP addresses in the list, which was made public on GitHub and can be accessed here. Organizations can use this information to blacklist these IP addresses and protect themselves from DDoS attacks. Other criminal organizations’ proxy IPs are also on the experts’ shared list.
To help organizations better protect themselves, SecurityScorecard has published a list of proxy IPs to help block the Killnet DDoS bot.
The pro-Russian group increased its operations last week. The organization launched a series of DDoS attacks against German airports, government agencies, and banks’ websites. The hacktivists carried out the attacks in retaliation to the German government’s decision to deliver Leopard 2 tanks to Ukraine.
Killnet also claimed responsibility for the DDoS attack that brought down the European Parliament’s website in November.