Ukrainian hacktivists, a part of the Ukrainian Cyber Alliance group, introduced on Tuesday they’d breached Russian web service supplier Nodex’s community and wiped hacked techniques after stealing delicate paperwork.
“The Russian web supplier Nodex in St. Petersburg was utterly looted and wiped. Knowledge exfiltrated, whereas the empty gear with out backups was left to them,” the Ukrainian hacktivists introduced yesterday on Telegram.
The hackers additionally shared screenshots of the Russian ISP’s VMware, Veeam backup, and Hewlett Packard Enterprise digital infrastructure they hacked through the breach.
On Tuesday, Nodex confirmed the Ukrainian Cyber Alliance’s claims by telling clients in a VKontakte publish that its “community is destroyed” following what it described as a deliberate assault possible originating from Ukraine.
“Pricey subscribers! Final evening, an assault was carried out on our infra (presumably from Ukraine). The community has been destroyed. We’re restoring it from backups,” Nodex stated. “There are not any timelines or forecasts in the mean time. Our precedence is to first restore telephony and the decision middle.”
Web monitoring group NetBlocks additionally noticed fixed-line and cell companies connectivity collapsing on Nodex’s community web operator yesterday at midnight, following the ISP’s affirmation it was coping with a cyberattack.
The File first reported the assault, saying Nodex’s web site was nonetheless down and the Russian Web supplier was nonetheless engaged on restoring techniques. Nonetheless, the corporate couldn’t present a timeline for when techniques would return on-line.
Since then, Nodex has issued extra updates on the restoration course of, telling subscribers that “the community core has been restored” and that its engineers are nonetheless engaged on resetting switches.
Three hours later, the Russian ISP stated {that a} DHCP server had been introduced on-line and that Web connectivity ought to now be out there for a lot of clients.
“Many individuals ought to be capable of use the Web. Please reboot your routers,” Nodex stated in one other replace on the Russian VKontakte social media community.
The Ukrainian Cyber Alliance has been energetic since 2016, when a number of hackers and hacker teams (e.g., FalconsFlame, Trinity, RUH8, and CyberHunta) banded collectively to defend their nation from Russian aggression in our on-line world and registered as a non-governmental group.
Since then, UCA cyber activists have claimed many breaches impacting varied Russian organizations, together with the Russian Ministry of Protection, Commonwealth of Impartial States Institute (financed by the Russian state firm Gazprom), the Donetsk Folks’s Republic’s Ministry of Coal and Vitality, Vladimir Putin’s political adviser Vladislav Surkov, and a number of Russian army officers and media retailers, amongst others.
In October 2023, the Ukrainian hacktivists additionally hacked the Trigona ransomware gang’s servers and wiped them clear after exfiltrating all information, together with supply code, database information, and cryptocurrency sizzling wallets.