Ukrainian Hackers Attack Russian Financial Services

Uploaded on 2025-01-21 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-Russia, FREE TO VIEW, BUSINESS-Services-Financial

Russia's leading electronic trading platform, Roseltorg has been attacked by a pro-Ukraine hacking group called Yellow Drift.

Roseltorg is one of the largest electronic trading operators selected by the Russian government to conduct public procurement, including contracts in the defence and construction industries. The platform also offers tools for electronic document management and procurement planning.  

In a  statement, Roseltorg disclosed that it had been targeted by "an external attempt to destroy data and the entire infrastructure of electronic trading."  

Roseltorg stated that all data and infrastructure affected by the recent attack had been fully restored, and trading systems are expected to resume operations shortly. Yellow Drift  have claimed that they were responsibile for the attack on Roseltorg, stating they had deleted 550 terabytes of data, including emails and backups.

 As evidence of their exploit the hackers published screenshots from the platform’s allegedly compromised infrastructure on their Telegram channel.“If you support tyranny and sponsor wars, be prepared to return to the Stone Age," the hackers said.  

The cyber attack on Roseltorg is  affecting clients who rely on the platform’s operations, including government agencies, state-owned companies and suppliers.  Numerous users of the platform have expressed concerns,  complaining about potential financial losses and delays in the procurement process.  

Roseltorg said in a statement that once access to the trading systems is reinstated, all deadlines for procedures, including contract signings, will be automatically extended without requiring any requests from users.  

According to local reports, Roseltorg serves some of the largest Russian corporations, including oil company Lukoil, digital service provider Rostelecom and diamond mining company Alrosa, as well as government agencies including the Ministry of Defence and internet regulator Roskomnadzor.  

Roseltorg is one of several Russian companies targeted by pro-Ukraine hackers this month. Recently a group of hackers with unknown ties claimed responsibility for breaching Rosreestr, a Russian government agency responsible for managing property and land records.  

  • Another hacker group, known as the Ukrainian Cyber Alliance, also claimed responsibility for a hack on the Russian Internet provider Nodex, which has confirmed the attack.
  • In a different exploit, the Ukrainian hacker group known as Cyber Anarchy Squad claims to have attacked a  Russian technology  company Infobis, which develops systems for planning, monitoring, and accounting of agricultural work.  

The hackers claimed to have exfiltrated 3 TB of data and destroyed part of the company’s infrastructure although Infobis has not commented on the alleged attack. 

Yellow Drift's asserts that it destroyed 550 TB of data as a result of their exploit, while Roseltorg say that it has recovered of all the missing data and is working to restore its trading systems and operations. 

Roseltorg   |   Yellow Drift   |    Record   |   CNews   |   SCWorld   |   Euromaidan

Image: Ideogram

You Might Also Read: 

 

 

 

« Remote Deletion Of Malware Enforced On Thousands Of Computers 
How SASE Fits Into The Modern Cybersecurity Landscape »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Brainwave GRC

Brainwave GRC

Brainwave GRC is a leading European software provider focused on Identity Analytics and intelligence to strengthen IT security and compliance.

Cog Systems

Cog Systems

Cog Systems offer an embedded solution built on modularity, proactive security, trustworthiness, and adaptability to enable highly secure connected devices.

Cambridge Cybercrime Centre

Cambridge Cybercrime Centre

The Cambridge Cybercrime Centre is a multi-disciplinary initiative combining expertise from the Department of Computer Science and Technology, Institute of Criminology and Faculty of Law.

Blackwall

Blackwall

Blackwall (formerly BotGuard) is a security infrastructure company focused on protecting web ecosystems from automated threats, while optimizing performance for hosting environments.

Edureka

Edureka

Edureka is an online technology training provider with the most effective learning system in the world. We help professionals learn trending technologies for career growth.

e-Careers

e-Careers

e-Careers is an edtech institution that provides industry recognised courses and up-skilling solutions to individuals and organisations.

Dynamic Quest

Dynamic Quest

Dynamic Quest is a managed IT, cloud and security services companies, providing a comprehensive range of technology services including cybersecurity, backup and disaster recovery.

Symmetry Systems

Symmetry Systems

Symmetry Systems is a provider of data store and object-level security (DSOS) solutions that give organizations visibility into, and unified access control of, their most valuable data assets.

Third Point Ventures

Third Point Ventures

Third Point brings deep technical expertise, a strong network of relationships, and decades of investing experience to add value to our partners throughout their journey from idea to IPO and beyond.

Digital Catapult

Digital Catapult

Digital Catapult is the UK authority on advanced digital technology. We bring out the best in business by accelerating new possibilities with advanced digital technologies.

Space Hellas

Space Hellas

Space Hellas is a dynamic, established System Integrator and Value Added Solutions Provider, holding a leading position in the high technology arena.

Security Compliance Associates (SCA)

Security Compliance Associates (SCA)

The sole focus of SCA is safeguarding critical information and complying with information security regulations.

Jot Digital

Jot Digital

Jot Digital is a full-service technology company specializing in digital engineering, application modernization and business transformation.

CyberEPQ

CyberEPQ

CyberEPQ (Cyber Extended Project Qualification) is the UK’s first and only Extended Project Qualification in Cyber Security.

Octane

Octane

Octane is an AI cybersecurity startup using machine learning to identify and fix vulnerabilities in blockchain codebases.

Elixirr

Elixirr

Elixirr is an award-winning global consulting firm working with clients across a diverse range of markets, industries and geographies.