Contents:
VTB Bank, Russia’s second-largest financial institution, stated that it is experiencing the biggest cyberattack in its history after a distributed denial of service (DDoS) attack caused its website and mobile apps to go down.
A press representative of VTB stated for TASS (Russia’s leading news agency):
At present, the VTB technological infrastructure is under unprecedented cyberattack from abroad. It is not only the largest cyberattack recorded this year, but in the entire history of the bank.
An analysis of the DDoS attack indicates that it was well-planned and large-scale. Its purpose is to cause inconvenience to the bank’s customers by hindering the banking services operations.
VTB’s online portals are currently down, but the institute ensures its customers that “core banking services” are running normally. The bank also claims that its customers’ information is safe because it is stored within an area of its infrastructure that the threat actors have not been able to access.
The majority of malicious DDoS requests, according to the bank’s findings, come from outside the country, but several IP addresses involved in the attack seem to be located in Russia. This implies that foreign actors are either using local proxies or have successfully recruited local dissidents to participate in their DDoS campaign.
Since the Russian government owns 61% of VTB through the Ministries of Finance and Economic Development, these attacks can be seen as an indirect blow to the Russian government.
‘IT Army of Ukraine’ Takes Credit for the Attack
DDoS attacks against VTB were announced on Telegram at the end of November, and the pro-Ukraine hacktivist group ‘IT Army of Ukraine’ has since claimed responsibility for them.
The ‘IT Army of Ukraine” was formed in February 2022 with the official blessing of the Ukrainian government in an effort to strengthen the country’s cyber front.
The group previously took down the sited of Rostec – a major Russian aerospace and defense conglomerate and they’ve been particularly active in November, targeting over 900 Russian entities, including: the Central Bank of Russia, the National Center for the Development of Artificial Intelligence, Alfa Bank and stores selling military equipment and drones, explains Bleeping Computer.
The publication also noted that the first hacktivist posts about dissatisfied VTB customers appeared on social media on December 1st but the bank initially downplayed the attack. However, seeing as its websites and mobile apps are currently down, VTB has been forced to publicly acknowledge it.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.
Madalina, a seasoned digital content creator at Heimdal®, blends her passion for cybersecurity with an 8-year background in PR & CSR consultancy. Skilled in making complex cyber topics accessible, she bridges the gap between cyber experts and the wider audience with finesse.
