Ethical Hacking News
Russian internet provider Nodex has reported that its network was "destroyed" following a planned attack likely originating from Ukraine, leaving customers without fixed-line and mobile services connectivity. The breach, attributed to the Ukrainian Cyber Alliance group, resulted in sensitive documents being stolen and equipment being left empty.
Nodex's network was completely looted and wiped following a planned attack likely originating from Ukraine. Sensitive documents were stolen, and equipment was left empty by the Ukrainian Cyber Alliance group. The breach resulted in significant losses for Nodex, which relies heavily on its network to operate its various services. Internet monitoring organization NetBlocks reported that fixed-line and mobile services connectivity collapsed on Nodex's network after the attack. The Ukrainian Cyber Alliance group has been active since 2016 and has claimed many breaches impacting various Russian organizations.
By Sergiu Gatlan
In a shocking turn of events, Russian internet service provider Nodex has confirmed that its network was completely looted and wiped following a planned attack likely originating from Ukraine. The breach, attributed to the Ukrainian Cyber Alliance group, resulted in sensitive documents being stolen and equipment being left empty.
According to the Ukrainian hacktivists, part of the Ukrainian Cyber Alliance group, who announced their involvement in the attack on Tuesday, Nodex's network was completely looted and wiped. Data exfiltrated, while the empty equipment without backups was left to them. The hackers also shared screenshots of the Russian ISP's VMware, Veeam backup, and Hewlett Packard Enterprise virtual infrastructure they hacked during the breach.
On Tuesday, Nodex confirmed the Ukrainian Cyber Alliance's claims by telling customers in a VKontakte post that its "network is destroyed" following what it described as a planned attack likely originating from Ukraine. The statement read: "Dear subscribers! Last night, an attack was carried out on our infra (presumably from Ukraine). The network has been destroyed. We are restoring it from backups."
Internet monitoring organization NetBlocks also saw fixed-line and mobile services connectivity collapsing on Nodex's network internet operator yesterday at midnight, following the ISP's confirmation it was dealing with a cyberattack.
The disruption to Nodex's services has left customers without access to their usual online activities, including social media, email, and other essential services. The attack has also resulted in significant losses for the Russian ISP, which relies heavily on its network to operate its various services.
Nodex disruption (NetBlocks)
Since the attack was reported, Nodex has issued more updates on the restoration process, telling subscribers that "the network core has been restored" and that its engineers are still working on resetting switches. Three hours later, the Russian ISP said that a DHCP server had been brought online and that Internet connectivity should now be available for many customers.
"Many people should be able to use the Internet. Please reboot your routers," Nodex said in another update on the Russian VKontakte social media network.
The Ukrainian Cyber Alliance has been active since 2016, when multiple hackers and hacker groups (e.g., FalconsFlame, Trinity, RUH8, and CyberHunta) banded together to defend their country from Russian aggression in cyberspace and registered as a non-governmental organization. Since then, UCA cyber activists have claimed many breaches impacting various Russian organizations, including the Russian Ministry of Defense, Commonwealth of Independent States Institute (financed by the Russian state company Gazprom), the Donetsk People's Republic's Ministry of Coal and Energy, Vladimir Putin's political adviser Vladislav Surkov, and multiple Russian military officers and media outlets, among others.
In October 2023, the Ukrainian hacktivists also hacked the Trigona ransomware gang's servers and wiped them clean after exfiltrating all data, including source code, database records, and cryptocurrency hot wallets.
The breach of Nodex's network has sparked widespread concern among cybersecurity experts and organizations worldwide. The attack highlights the increasing threat posed by state-sponsored hacking groups and their ability to launch sophisticated attacks on critical infrastructure.
As the world grapples with the aftermath of this cyberattack, it is essential to understand the motivations behind such actions and the implications for global security. The Ukrainian Cyber Alliance's actions demonstrate a growing willingness among hacktivists to challenge the status quo and hold nations accountable for their online activities.
In conclusion, the breach of Nodex's network serves as a stark reminder of the ongoing threat posed by cyberattacks and the need for organizations to prioritize cybersecurity and invest in robust defenses. As we move forward in this complex digital landscape, it is crucial that governments, corporations, and individuals take proactive measures to protect themselves from such attacks.
Related Information:
https://www.bleepingcomputer.com/news/security/russian-isp-confirms-ukrainian-hackers-destroyed-its-network/
https://en.wikipedia.org/wiki/Ukrainian_Cyber_Alliance
https://gizmodo.com/ukranian-hackers-managed-to-nearly-destroy-russian-internet-provider-2000547701
Published: Wed Jan 8 15:36:16 2025 by llama3.2 3B Q4_K_M
