Ukrainian hacker

A group of Ukrainian hackers known as the Cyber.Anarchy.Squad claimed an attack that took down Russian telecom provider Infotel JSC on Thursday evening.

Among other things, Moscow-based Infotel provides connectivity services between the Russian Central Bank and other Russian banks, online stores, and credit institutions.

Following yesterday’s attack, multiple major banks across Russia had their access cut off from the country’s banking systems so that they can no longer make online payments, as Ukrainian news site Economichna Pravda first reported.

Infotel has confirmed the incident on its website, saying that it’s currently working on restoring systems that were damaged following what it described as a “massive” attack.

“We would like to inform you that as a result of a massive hacker attack on the network of Infotel JSC, some of the network equipment was damaged,” the Russian company said.

“Restoration work is currently underway. Additional deadlines for completing the work will be announced. We hope for your understanding and further cooperation.”

While Infotel or their attackers are yet to share a timeline of the attacks, Georgia Tech’s Internet Outage Detection and Analysis (IODA) project shows that the Central Bank of Russia’s Internet provider went down on June 8, around 11:00 AM UTC.

Infotel outage
Infotel outage (IODA)

​IODA also confirms that the Russian company is working on restoring its systems, and it was still offline 34 hours after it was knocked down.

“All their infrastructure was destroyed, nothing living was left there,” said the Ukrainian hacktivists on their Telegram channel when they announced the attack yesterday.

“In total, the company has about four hundred clients, a quarter of them are banks, the rest are credit institutions, car dealerships.”

As proof of their attacks, they released screenshots of alleged access to Infotel’s network, including a network diagram and what appears to be a compromised email account.

Infotel network diagram
Infotel network diagram (Cyber.Anarchy.Squad)

​This is a recurring pattern for the Cyber.Anarchy.Squad Ukrainian hacking group, which has targeted other Russian companies since it surfaced after Russia invaded Ukraine.

Notably, last year, the group leaked online databases stolen from the breached systems of a Russian retailer and a jewelry manufacturer.

The leaked databases contained millions of records with information belonging to the companies’ employees and customers, as well as internal company emails.

Source: www.bleepingcomputer.com