Ukrainian Hackers Attack Russian Financial Services

Uploaded on 2025-01-21 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW, BUSINESS-Services-Financial

Russia's leading electronic trading platform, Roseltorg has been attacked by a pro-Ukraine hacking group called Yellow Drift.

Roseltorg is one of the largest electronic trading operators selected by the Russian government to conduct public procurement, including contracts in the defence and construction industries. The platform also offers tools for electronic document management and procurement planning.  

In a  statement, Roseltorg disclosed that it had been targeted by "an external attempt to destroy data and the entire infrastructure of electronic trading."  

Roseltorg stated that all data and infrastructure affected by the recent attack had been fully restored, and trading systems are expected to resume operations shortly. Yellow Drift  have claimed that they were responsibile for the attack on Roseltorg, stating they had deleted 550 terabytes of data, including emails and backups.

 As evidence of their exploit the hackers published screenshots from the platform’s allegedly compromised infrastructure on their Telegram channel.“If you support tyranny and sponsor wars, be prepared to return to the Stone Age," the hackers said.  

The cyber attack on Roseltorg is  affecting clients who rely on the platform’s operations, including government agencies, state-owned companies and suppliers.  Numerous users of the platform have expressed concerns,  complaining about potential financial losses and delays in the procurement process.  

Roseltorg said in a statement that once access to the trading systems is reinstated, all deadlines for procedures, including contract signings, will be automatically extended without requiring any requests from users.  

According to local reports, Roseltorg serves some of the largest Russian corporations, including oil company Lukoil, digital service provider Rostelecom and diamond mining company Alrosa, as well as government agencies including the Ministry of Defence and internet regulator Roskomnadzor.  

Roseltorg is one of several Russian companies targeted by pro-Ukraine hackers this month. Recently a group of hackers with unknown ties claimed responsibility for breaching Rosreestr, a Russian government agency responsible for managing property and land records.  

  • Another hacker group, known as the Ukrainian Cyber Alliance, also claimed responsibility for a hack on the Russian Internet provider Nodex, which has confirmed the attack.
  • In a different exploit, the Ukrainian hacker group known as Cyber Anarchy Squad claims to have attacked a  Russian technology  company Infobis, which develops systems for planning, monitoring, and accounting of agricultural work.  

The hackers claimed to have exfiltrated 3 TB of data and destroyed part of the company’s infrastructure although Infobis has not commented on the alleged attack. 

Yellow Drift's asserts that it destroyed 550 TB of data as a result of their exploit, while Roseltorg say that it has recovered of all the missing data and is working to restore its trading systems and operations. 

Roseltorg   |   Yellow Drift   |    Record   |   CNews   |   SCWorld   |   Euromaidan

Image: Ideogram

You Might Also Read: 

 

 

 

« Remote Deletion Of Malware Enforced On Thousands Of Computers 
How SASE Fits Into The Modern Cybersecurity Landscape »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

CFC Underwriting

CFC Underwriting

CFC is a specialist insurance provider and a pioneer in emerging risk, including cyber insurance.

CSIRT Malta

CSIRT Malta

CSIRT Malta supports critical infrastructure organisations in Malta on how to protect their information infrastructure assets and systems from cyber threats and incidents.

Cyber Security Capital (CS^)

Cyber Security Capital (CS^)

Cyber Security Capital is a consultancy helping to mobilise and empower individuals, corporate leaders and entrepreneurs in cyber security.

Conscia

Conscia

Conscia provides IT infrastructure solutions and 24/7 services in network, data center, security and mobility.

BTWorks

BTWorks

BTWorks provides identity management and anti-phishing / smishing solutions for web and mobile apps.

Focal Point Data Risk

Focal Point Data Risk

Focal Point is a pure-play data risk management provider capable of offering end-to-end consulting, implementation, and training services.

Niksun

Niksun

Niksun's forensics-based cyber security and network performance monitoring products provide customers with actionable insight into security threats, performance issues, and compliance risks.

ETSI

ETSI

ETSI is a European Standards Organization dealing with telecommunications, broadcasting and other electronic communications networks and services including cybersecurity.

Componolit

Componolit

Componolit GmbH is a highly specialized company with a strong emphasis on trustworthy software, component-based systems and formal verification.

SecurIT360

SecurIT360

SecurIT360 is a full-service specialized Cyber Security and Compliance consulting firm.

GreenPages Technology Solutions

GreenPages Technology Solutions

GreenPages provide expert strategic guidance and proven cloud-era solutions for our clients. Every day we help organizations leverage the cloud securely with less risk and cost.

SafeBase

SafeBase

Safebase provide the infrastructure for Trust Communication. Our Trust Center enables Security and Sales teams to share and automate access to security, compliance, and privacy information.

Rapifuzz

Rapifuzz

At Rapifuzz, our goal is to help organizations test and secure their APIs enabling trust, innovation and Seamless Secured Digital Experiences.

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.

CyberGuardPro

CyberGuardPro

CyberGuardPro is a premier cybersecurity firm that prioritizes safeguarding businesses and individuals from the evolving landscape of digital threats.

SITE Intelligence Group

SITE Intelligence Group

For over two decades, SITE Intelligence Group has provided customers with critical actionable intelligence and analysis on terrorist and violent extremist online networks.