Ukrainian Hackers Attack Russian Financial Services

Uploaded on 2025-01-21 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW, BUSINESS-Services-Financial

Russia's leading electronic trading platform, Roseltorg has been attacked by a pro-Ukraine hacking group called Yellow Drift.

Roseltorg is one of the largest electronic trading operators selected by the Russian government to conduct public procurement, including contracts in the defence and construction industries. The platform also offers tools for electronic document management and procurement planning.  

In a  statement, Roseltorg disclosed that it had been targeted by "an external attempt to destroy data and the entire infrastructure of electronic trading."  

Roseltorg stated that all data and infrastructure affected by the recent attack had been fully restored, and trading systems are expected to resume operations shortly. Yellow Drift  have claimed that they were responsibile for the attack on Roseltorg, stating they had deleted 550 terabytes of data, including emails and backups.

 As evidence of their exploit the hackers published screenshots from the platform’s allegedly compromised infrastructure on their Telegram channel.“If you support tyranny and sponsor wars, be prepared to return to the Stone Age," the hackers said.  

The cyber attack on Roseltorg is  affecting clients who rely on the platform’s operations, including government agencies, state-owned companies and suppliers.  Numerous users of the platform have expressed concerns,  complaining about potential financial losses and delays in the procurement process.  

Roseltorg said in a statement that once access to the trading systems is reinstated, all deadlines for procedures, including contract signings, will be automatically extended without requiring any requests from users.  

According to local reports, Roseltorg serves some of the largest Russian corporations, including oil company Lukoil, digital service provider Rostelecom and diamond mining company Alrosa, as well as government agencies including the Ministry of Defence and internet regulator Roskomnadzor.  

Roseltorg is one of several Russian companies targeted by pro-Ukraine hackers this month. Recently a group of hackers with unknown ties claimed responsibility for breaching Rosreestr, a Russian government agency responsible for managing property and land records.  

  • Another hacker group, known as the Ukrainian Cyber Alliance, also claimed responsibility for a hack on the Russian Internet provider Nodex, which has confirmed the attack.
  • In a different exploit, the Ukrainian hacker group known as Cyber Anarchy Squad claims to have attacked a  Russian technology  company Infobis, which develops systems for planning, monitoring, and accounting of agricultural work.  

The hackers claimed to have exfiltrated 3 TB of data and destroyed part of the company’s infrastructure although Infobis has not commented on the alleged attack. 

Yellow Drift's asserts that it destroyed 550 TB of data as a result of their exploit, while Roseltorg say that it has recovered of all the missing data and is working to restore its trading systems and operations. 

Roseltorg   |   Yellow Drift   |    Record   |   CNews   |   SCWorld   |   Euromaidan

Image: Ideogram

You Might Also Read: 

 

 

 

« Remote Deletion Of Malware Enforced On Thousands Of Computers 
How SASE Fits Into The Modern Cybersecurity Landscape »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

National Cyber Security Centre Finland (NCSC-FI)

National Cyber Security Centre Finland (NCSC-FI)

The NCSC-FI develops and monitors the operational reliability and security of communications networks and services in Finland.

Cofense

Cofense

Cofense (formerly PhishMe) is a leading provider of human-driven phishing defense solutions.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

OIC-CERT

OIC-CERT

OIC-CERT is the Computer Emergency Response Team for Organisation of Islamic Cooperation (OIC) member countries.

Infowhiz solutions

Infowhiz solutions

Infowhiz provides solutions for backup/disaster recovery and network security.

Brainloop

Brainloop

Brainloop's security architecture enables you to work on and distribute strictly confidential documents both within and beyond the firewall.

Seqrite

Seqrite

Seqrite offers a highly advanced range of enterprise and IT security solutions to protect your organization's most critical data.

ENAC

ENAC

ENAC is the national accreditation body for Spain. The directory of members provides details of organisations offering certification services for ISO 27001.

Hawk Network Defense

Hawk Network Defense

HAWK.io is the First Fully Automated, Multi-Tenant, Cloud-Based, MDR Service Company.

SecureNation

SecureNation

SecureNation offers a wide variety of cutting-edge technologies and IT services to address almost any of your information security, network security and information assurance needs.

Char49

Char49

Char49 specialize in Penetration Testing, Red Team Assessment, Social Engineering and Security Research.

NightDragon

NightDragon

NightDragon is a venture capital firm investing in innovative growth and late stage companies within the cybersecurity, safety, security, and privacy industry.

BitTrap

BitTrap

BitTrap helps companies worldwide detect attackers and put an early end to breaches, preventing data exfiltration and ransomware altogether.

Encova Insurance

Encova Insurance

Encova’s cyber liability coverage protects you and your customers in case of a security breach in your company's data.

SilverEdge Government Solutions

SilverEdge Government Solutions

SilverEdge is a next generation provider of innovative and proprietary cybersecurity, software, and intelligence solutions for the Defense and Intelligence Communities.

NinjaOne

NinjaOne

The NinjaOne Platform was built to help IT and MSP teams efficiently manage, patch, and support all endpoints.