Category: Killnet

As European nations such as Germany, France and Britain are offering a helping hand to Ukraine on recommendation by the Biden led nation, 3 notorious hacking groups -Killnet, Anonymous Sudan and REvil have taken a pledge to conduct a digital assault on the US and European Banking Systems.

A platform has been set by the criminals to launch a major cyber blitz on the financial systems of the developed nations with an objective to achieve- no money, no weapons and no Kyiv.

It is a well known fact that a small nation like Ukraine, that happens to be an immediate neighbor of Russia is retaliating the Putin led military forces with great vigor and valiance. All alone the nation couldn’t have achieved what it has established till date and might have surrendered long back.

Here, a big round of applause must not only be given to Volodomyr Zelenskyy led nation, but the nations that are supporting it with funds, ammunition and essentials must also be appreciated for standing with the Ukrainian populace in tough time.

According to a video posting on a telegram channel on June 13th of this year,  Killnet, Anonymous Sudan and REvil have been assigned a job to disrupt the financial systems of west by launching a DDoS or Ransomware attack by this month end and as per some online resources, the command for assault reportedly came-in from Kremlin.

SWIFT Banking System aka Society for Worldwide Interbank Financial Telecommunication that offers a safe networking gateway for financial transactions is rumored to be the first target of the hackers, followed by Wire, Wise, IBAN, and SEPA.

NOTE– It is unclear when the attack will be launched. However, the news has reached the Interpol who raised an alarm urging the International Banking Network to review its Cybersecurity posture and take necessary action, accordingly.

The post Cyber Attack projected on US and European Banking Systems appeared first on Cybersecurity Insiders.

Eurocontrol, the European air traffic control agency, has revealed that it has been under cyber attack for the last week, and says that pro-Russian hackers have claimed responsibility for the disruption. When you first see the headline in the likes of the Wall Street Journal, it's a scary thing to read. But dig a little deeper, and you realise that the err.. sky is not falling. Read more in my article on the Hot for Security blog.

Microsoft has detected that a Russian-affiliated hacking group dubbed Killnet has been targeting healthcare apps being hosted on the Azure cloud platform. The tech giant claims that the activity has occurred for over three months, i.e. between November 2022 and February 2023. Most were distributed denial of service attacks aka DDoS and a mixture of other attack patterns.

Discovery made by the Windows OS giant states that the focus of Killnet was mainly on pharmaceutical industries and life sciences(31%), followed by hospitals and care services.

Surprisingly, most of the attacks that were launched on the cloud platform emerged from the US, Russia, and war-torn Ukraine.

Microsoft issued a clarification that those enrolled in Azure DDoS Network Protection and Web Application Firewall services need not worry as all such attacks will be mitigated by the threat detection teams of the company.

Meanwhile, the cyber attack on 9 Danish hospitals that took place in the last week of February has been tracked down to a group named Anonymous Sudan, which probably has links with the Killnet or some government agency working for the Soviet Union.

Coming to the other news, Killmilk, the leader of the pro-Russian hacking gang Killnet, has urged his country’s cyber army to target Germany’s arms manufacturing factory Rheinmetall AG. The reason is that the factory chief has decided to establish a battle tank factory in Ukraine by October this year to facilitate Zelenskyy’s army work with more vigor in the ongoing war with Moscow.

 

The post Killnet targeting healthcare apps hosted on Microsoft Azure appeared first on Cybersecurity Insiders.

Killnet launched a Distributed Denial of Service attack(DDoS) on the healthcare websites of the United States and Netherlands, disrupting their operations for several hours. And preliminary investigations revealed that the attack was launched in retaliation for Biden’s pledge to send Abrams battle tanks to support Ukraine against Putin led nation.

The University of Michigan Hospital and Stanford Health Care Center are two of the most renowned websites that were targeted in the attack, and the campaign might intensify further to disrupt critical infrastructure in the coming weeks.

However, anticipating such threats in advance, Biden administration has issued orders to public and private entities managing the critical infrastructure to bolster their cybersecurity measures on a proactive note.

On a separate note, few of the dutch hospitals were also targeted in the attack by the Russian hacktivists. For instance, a University Medical Center hospital in the city of Groningen was also targeted with fake web traffic, but it did not affect any of the medical operations.

NOTE 1- Early last week, Killnet, apparently being funded by GRU, launched a cyber attack on private and public entities in Germany. As the country is supporting worn torn Kyiv by sending defense missile systems.

NOTE 2- A denial of service attack is caused when hackers engage thousands of bots connected in a network to launch fake web traffic. Thus, causing an overload on the servers and denies service to actual traffic causing disruption and resulting in monetary losses.

NOTE 3- Netherlands healthcare computer response team, Z-CERT acknowledged the news and attributed the attack to Killnet.

 

The post Russia Killnet launches DDoS attack on Netherlands and the United States appeared first on Cybersecurity Insiders.

Killnet, the hacking group that works for Russian interests, is targeting UK’s Royal Family websites from the past few days. The attacks are of ‘Distributed Denial of Service (DDoS)’ variant and supposedly seem to take revenge digitally.

It is already known to the entire world that the UK is supplying weapons, essentials and finances to Ukraine to sustain the 2-3 years long of intense war with Kremlin. If people and the army are left to take the hitting of the Russian army, provided the latter has enough ammunition left to do so.

So, the latest DDoS attacks on Britain could be an act of revenge on the government that witnessed three times leadership changes in 8-10 months of war, that began in the early hours of February 24th of this year.

A DDoS attack is a crude form of cyber-attack, where threat actors bombard a network or website with fake web traffic emerging from millions of botnets. This leads to a chaotic situation where the actual traffic gets suspended from reaching the server, resulting in a downtime.

As per the sources reporting to our Cybersecurity Insiders, the London Stock Exchange website, official website of the Prince of Wales and Bankers Automated Clearing Service (BACS) were hit by the cyber-attack.

Killnet group claims to be the saviors of Russia and are assigned to take down Ukraine’s IT infrastructure and those nations that are supporting Zelensky in the war. Obviously, they are receiving fund from Putin’s military and are spread across all nations, making it difficult for the west to precisely track and shut them down.

 

The post Russian Killnet targets UK Royal Family websites appeared first on Cybersecurity Insiders.

If what is being shared by the Russian hacking group Killnet stands true, a portion of FBI website was hacked recently via a ransomware attack and the group of cyber criminals believe that the attack on the digital property of Federal government is indeed a colossal achievement.

The hackers made the revelation on their Telegram page on Monday, and they added that their attempt to intercept a law enforcement website proved successful to a certain extent.

RADIS is the telegram account through which Killnet team posted the hacking details and added they were doing justice to the job of guarding the Russian cyberspace and wrote “Glory to Russia and Killnet”.

On the whole, the main objective of this gang is to infiltrate a network and gather intelligence and, if possible, induce malware that can wipe information, if/when needed.

As of now, FBI website functionality seems normal. However, the news comes exactly after a month after the Russian hacking gang claimed to have taken down websites of US Airports that includes Hartsfield-Jackson Atlanta International Airport, Chicago O’Hare International Airport and Newark Liberty International Airport along with American military serving company Lockheed Martin.

The Federal Bureau of Investigation (FBI) is yet to react to the news and will do that after getting inputs from the white house governed by the Biden Administration.

Meanwhile, Joe Biden, the President of the United States who is taking part in the G20 Summit held in Bali, is busy urging nations to stop cyberwarfare and Nuclear Attacks. He conveyed the same to Chinese President Xi Jinping and sent a formal note to Vladimir Putin through proper channel.

 

The post Killnet launches Cyber Attack on FBI Website appeared first on Cybersecurity Insiders.

US Treasury has released an official confirmation that Russia funded Killnet hacking group was constantly targeting US Financial systems to either disrupt or bring down the whole on a permanent note.

However, the pro-Russian group has failed in either case, as the Treasury was strong enough to repel and mitigate risks associated with the attack with great precision.

Killnet hits its target through DDoS attacks and, according to Microsoft’s Threat Intelligence, has a 27% success rate in doing so.

DDoS attack means a distributed denial of service attack where website/s are hit by a deluge of fake web traffic, thus, making the servers unavailable to the actual traffic.

It seems like Kremlin has assigned digitally disrupting the online services of the west to Killnet, as it has been constantly targeting public and private entities operating in the west with Denial-of-service attacks.

The attack attained special prominence when western nations supported Volodymyr Zelenskyy in his war with Russia by supplying essentials, ammunition and finances.

For this reason, Killnet started a cyberwar by taking down websites of several airports in October this year and more such attacks are expected in the coming days as the Christmas holiday season is fast approaching.

Todd Conklin, the Cybersecurity Counsellor to Deputy Treasury Secretary Wally Adeyemo expressed a similar concern and added that the Biden Administration has taken a note of the IP addresses used in the denial-of-service attacks on the financial services firms and will raise an issue at the international council at time.

 

The post Russia Killnet hacking group targets the US Treasury appeared first on Cybersecurity Insiders.

Russia funded Killnet Hacking Group has disrupted several US Air Travel websites yesterday, including the ones operating for two busiest airports. The Attack was DDoS related and led to the downtime because of overwhelming internet traffic that became unmanageable by the servers.

Both Colorado.gov and Kentucky.org websites were severely hit by the digital assault. However, the attack did not affect the operations at the airport/s.

List of airport websites hit by the Distributed Denial of Service attack are Atlanta International, Montgomery, Alabama, Los Angeles International, Long Beach, California and flychicago.com. Estimates are in that the IT staff of at least 13 of the websites recovered from the incident, among 19.

However, it is unclear on why the kremlin funded cyber criminals failed to infiltrate websites related to O’Hare International Airport and Midway International.

Now to the passengers who have scheduled their air-travel for this week, here’s a news-bit. All affected airports are functioning normally and the recovery of the affected websites is underway. Ticket booking through website might take a slight hit on Tuesday. Rest all services will be operated on a perfect note. Killnet has divulged on its Telegram channel it will post more details about its potential targets from Tuesday this week.

NOTE- Killnet is the same group that disrupted the nuclear power infrastructure in Ukraine in May this year. However, the cyber army of Kyiv, in association with UK’s NCSC, neutralized their attacks scientifically. Another hacking group named ‘Anonymous’ is behind Killnet and has pledged that it would down the entire digital infrastructure of the kremlin funded cyber army by November this year, and the only exception given to Russia is to stop the war with Zelensky led nation.

 

The post Russia Killnet Hacking Group disrupts US Air Travel websites appeared first on Cybersecurity Insiders.

Killnet Hacking group in Russia has launched a sophisticated cyber attack on arms supplier Lockheed Martin of America. And the news is out that the threat actors infiltrated the network of the supplier of M142 High Mobility Artillery Rocket System (HIMARS) as is continuously supplying arms and ammunition to Ukraine on request from the Biden led White House.

As per the details available to our Cybersecurity Insiders, the attack took place on August 1 at 7am by Killnet, also known as Killmilk. And the details of the hack are being kept under wraps, as it can cause unnecessary chaos among people and the elected representatives.

Ukraine is using HIMARS to gain back the Russian-occupied territories from Vladimir Putin’s led nation.

Russia insists that Lockheed Martin is a sponsor for world terrorism and stated that the country and its supporters in war handled the death of several innocent Ukrainian nationals.

Killnet divulged in one of its telegram handles that it operations have now shifted from meager denial of service attacks to something meaningful.

Killmilk malware spreading group was also found launching a digital attack on Lithuanian government institutes in June this year along with a steel and iron ore company in Poland.

Meanwhile, the Higher Council for Scientific Research and all its affiliated centres suffered a data breach that came into light on July 18th this year. The organization has taken all appropriate measures to secure the database and is busy after recovery.

 

The post Russia Killnet hackers launch a cyber attack on US Lockheed Martin appeared first on Cybersecurity Insiders.

Italy has placed all its Critical Infrastructure on high alert as it is facing a cyber threat from the Pro-Russian hacking group Killnet. Information is out that the group of cybercriminals has already hit the infrastructure with digital assaults that have been neutralized by Italy’s Computer Security Incident Response Team(CSIRT).

However, the intensity of the attacks is increasing because of sophistication and so CSIRT has asked all public and private entities to increase vigil over their digital infrastructure.

About 3,000 attacks were launched on the infrastructure between May 11 to May 21, and this includes the attack launched on the voting system of the Eurovision Song Contest that witnessed Ukraine winning the competition on a high note.

Meanwhile, the Anonymous hacking group has made it official that it has officially started a cyberwar on Killnet infrastructure via DDoS attacks and will try to nibble it from its roots. And to a certain extent, the organization succeeded in doing so.

However, Kremlin-backed Killnet is adamant in targeting the infrastructure of Ukraine and is also into downing other infrastructure of countries that are supporting Zelensky by offering essentials, artillery, and finances.

NOTE-Anonymous has also warned the Chinese government about launching any kind of war on Taiwan. The hacking group claims to have full control over the nuclear power stations operating in the Republic of China and can trigger devastation within no time.

 

The post Italy on high alert as Russian Killnet group starts Cyber Attacks appeared first on Cybersecurity Insiders.