The second-largest bank in Russia, VTB Bank, claims to be dealing with the worst hack in its history after a DDoS (distributed denial of service) attack forced the closure of both its website and mobile apps.
“At present, the VTB technological infrastructure is under unprecedented cyberattack from abroad,” stated a VTB spokesperson to TASS (translated). “It is not only the largest cyberattack recorded this year, but in the entire history of the bank.”
According to the bank’s internal investigation, the DDoS assault was planned and executed to annoy its clients by interfering with their financial services. Although VTB’s online portals are unavailable, the institute claims that all essential banking services are unaffected. Additionally, VTB claims that client data is secure since it is kept inside the infrastructure’s internal perimeter, which the attackers have not yet broken.
The bank claims that it has determined that most malicious DDoS requests come from outside the nation. However, the attack also involves several Russian IP addresses. It indicates that foreign attackers are either using local residents as proxies or have been successful in enlisting local dissidents in their Dos attack. Russian law enforcement agencies have been informed about these IP addresses to conduct a criminal investigation.
Since the Ministry of Finance and the Ministry of Economic Development both possess a stake in VTB, which the Russian government holds in indirect proportion at 61 percent, these attacks have a political undertone. The DDoS attacks against VTB have been attributed to the pro-Ukraine hacktivist collective “IT Army of Ukraine,” which launched the campaign on Telegram at the end of November.
In an effort to fortify the nation’s cyber front, the specific organization of hacktivists was established in February 2022 with the official support of the Ukrainian government. A webpage used by vodka makers and distributors had an outage due to the “IT Army of Ukraine,” and the websites of Rostec, a key Russian aerospace and defense firm, were also taken down. The Central Bank of Russia, the National Center for the Development of Artificial Intelligence, and Alfa Bank are just a few of the over 900 Russian businesses that the pro-Ukraine hackers targeted in November.
On December 1, 2022, the hacktivists uploaded complaints about VTB clients on social media, which the bank attempted to downplay. This signaled the beginning of the disruption on VTB. Now that the bank’s websites and mobile applications are down, the interruption in service is more obvious, and VTB was forced to publicly acknowledge that a DDoS attack is to blame.