Ukrainian military agencies, state-owned banks hit by DDoS attacks

The Ministry of Defense and the Armed Forces of Ukraine and two of the country’s point out-owned banking companies, Privatbank (Ukraine’s largest bank) and Oschadbank (the Condition Savings Financial institution), are currently being hammered by Dispersed Denial-of-Provider (DDoS) attacks.

Right now, Ukraine’s Cyberpolice also reported that lender customers received text messages proclaiming that bank ATMs were being down, incorporating that they have been “aspect of an data attack and do not correspond to fact.”

The Ukrainian Ministry of Protection, whose website has been taken down subsequent the assaults, explained that its “site was almost certainly attacked by DDoS: an extreme number of requests per second was recorded.”

“Starting from the afternoon of February 15, 2022, there is a highly effective DDOS assault on a range of facts resources of Ukraine,” Ukraine’s State Services for Special Interaction and Facts Safety additional.

“In certain, this brought about interruptions in the perform of website solutions of Privatbank and Oschadbank. The internet sites of the Ministry of Defense and the Armed Forces of Ukraine have been also attacked.”

Ukrainian Defense Ministry site knocked down
Ukrainian Defense Ministry web page knocked down (BleepingComputer)

Although the Ukrainian defense ministry web page has been knocked out, Oschadbank‘s and Privatbank‘s web site is continue to available despite the fact that buyers can’t log in to their online banking accounts. 

The Ukrainian Middle for Strategic Communications and Information and facts Security mentioned in a Facebook message that Privatbank users have been reporting problems with payments and with the bank’s mobile application.

Some added that they could not access their Privat24 net banking accounts, although other people have viewed incorrect balances and current transactions.

Privatbank’s website application firewall (WAF) was also up to date with a website traffic geofencing rule, mechanically taking away the website’s contents for IP addresses exterior of Ukraine and showing a “BUSTED! PRIVATBANK WAF is looking at you)” concept.

PrivatBank site defaced
Privatbank geofencing (BleepingComputer)

On Monday, the Security Provider of Ukraine (SSU) said the place is becoming specific in an ongoing “huge wave of hybrid warfare” that aims to bring about anxiety and undermine Ukrainians confidence in the state’s capacity to defend them.

The SSU included that it has presently counteracted several such attempts connected to hostile intelligence businesses and dismantled bot farms targeting Ukrainian citizens with bomb threats and pretend information built to unfold panic.

The country’s Laptop Crisis Reaction Staff warned of assaults against Ukrainian authorities, coordinated by the Gamaredon hacking team (joined to Russia’s Federal Safety Assistance (FSB) by the Ukrainian security and top secret services).

The SSU extra a single working day later that it blocked extra than 120 cyberattacks targeting Ukrainian state institutions throughout January 2022.

Microsoft also claimed earlier this thirty day period that Gamaredon has been coordinating a wave of spear-phishing emails targeting Ukrainian entities and orgs connected to Ukrainian affairs considering the fact that October 2021.

Update: Extra details regarding Privatbank geoblocking traffic.