VTB Bank, Russia’s second-largest financial institution, stated that it is experiencing the biggest cyberattack in its history after a distributed denial of service (DDoS) attack caused its website and mobile apps to go down.

A press representative of VTB stated for TASS (Russia’s leading news agency):

At present, the VTB technological infrastructure is under unprecedented cyberattack from abroad. It is not only the largest cyberattack recorded this year, but in the entire history of the bank.

An analysis of the DDoS attack indicates that it was well-planned and large-scale. Its purpose is to cause inconvenience to the bank’s customers by hindering the banking services operations.


VTB’s online portals are currently down, but the institute ensures its customers that “core banking services” are running normally. The bank also claims that its customers’ information is safe because it is stored within an area of its infrastructure that the threat actors have not been able to access.

The majority of malicious DDoS requests, according to the bank’s findings, come from outside the country, but several IP addresses involved in the attack seem to be located in Russia. This implies that foreign actors are either using local proxies or have successfully recruited local dissidents to participate in their DDoS campaign.

Since the Russian government owns 61% of VTB through the Ministries of Finance and Economic Development, these attacks can be seen as an indirect blow to the Russian government.

‘IT Army of Ukraine’ Takes Credit for the Attack

DDoS attacks against VTB were announced on Telegram at the end of November, and the pro-Ukraine hacktivist group ‘IT Army of Ukraine’ has since claimed responsibility for them.

IT Army of Ukraine Claims Attack Against VTB


The ‘IT Army of Ukraine” was formed in February 2022 with the official blessing of the Ukrainian government in an effort to strengthen the country’s cyber front.

The group previously took down the sited of Rostec – a major Russian aerospace and defense conglomerate and they’ve been particularly active in November, targeting over 900 Russian entities, including: the Central Bank of Russia, the National Center for the Development of Artificial Intelligence, Alfa Bank and stores selling military equipment and drones, explains Bleeping Computer.

The publication also noted that the first hacktivist posts about dissatisfied VTB customers appeared on social media on December 1st but the bank initially downplayed the attack. However, seeing as its websites and mobile apps are currently down, VTB has been forced to publicly acknowledge it.

If you liked this article, follow us on LinkedInTwitterFacebookYoutube, and Instagram for more cybersecurity news and topics.

Russia Hacked: ‘Wiper’ Attacks Spread Across Country as New Ransomware

Top Cybersecurity Trends – Current Landscape and 2023 Predictions

What Is Cyberespionage? Tactics, Targets, and Prevention Tips

Is Cybersecurity a Top Priority for Politicians? World Politics and Cybersecurity

DDoS Attack. How Distributed Denial of Service Works and How to Prevent It

Essential Cybersecurity Considerations for Governmental Organizations

Leave a Reply

Your email address will not be published. Required fields are marked *