Energoatom announced the largest cyber zttack in the russian federation since the beginning of the war.
On Tuesday, August 16, russian hackers launched an unprecedented cyber attack on the official website of the State-owned Enterprise Energoatom.
It is known that this was the most powerful hacker attack on the website of Energoatom since the beginning of the full-scale invasion of the russian federation. It took place from the territory of the occupying country.
“The russian group “People’s Cyber Army” carried out a cyberattack using 7.25 million bot users, who simulated hundreds of millions of views of the Company’s main page for three hours,” the message reads.
Energoatom assured that the cyber attack did not significantly affect the work of the website of SE “NAEK “Energoatom”, and ordinary users did not even notice it. 1
russia begins to direct cyberattacks on web resources and mass media outside kyiv — Center for Cyber Security
The regions are under reliable protection, because Ukraine has significantly strengthened its cyber defense. This was discussed during the discussion “CyberDANGER: how to fight back and win on the cyber front”.
After the “exercises” in January 2022 and the intensification of cyber warfare after the start of a full-scale invasion of Ukraine, the current priority of the russian federation is attacks on administrations, institutions, and mass media in the regions of our state. Serhii Prokopenko, head of the National Coordination Center for Cyber Security at the NSDC, said this.
Now the enemy continues disinformation campaigns through its groups, and in the last month and a half, it has again increased its activity on the cyber front, says Prokopenko.
“Now one of their priorities is to reach the regional level: administrations, institutions not in Kyiv and more precise planning of operations to penetrate critical sectors,” said a representative of the Cyber Security Center. However, according to him, Ukraine has strengthened its position in cyberspace.
At the zero stage of the cyber war against Ukraine, the russian federation conducted training, practiced various tactics, coordination within the framework of a large cyber operation, etc. “But they seriously underestimated our ability. On this case, our cooperation on protection at the international level was worked out. During the week, there were statements from partners from the EU and the USA, where these attacks were attributed to russia. A meeting of the National Commission for Digital Communications was urgently convened, where a decision was made to increase protection, to have a cyber reserve of defense specialists, and to create a response group. And what the enemy saw as training on the eve of the active phase of the war helped us to defend ourselves. We learned our lessons quickly and were ready. In fact, their training became training for us,” said the representative of the Cyber Security Center. 2
Since the Beginning of 2022, Hackers Have Stolen More Than 300 Secret Databases from russian Companies
Analysts at InfoWatch indicate that the number of leaks this year has increased by 46% compared to the first half of 2021.
The company InfoWatch published a report in which it analyzed the leakage of confidential information of russian enterprises. It turned out that hackers stole 305 databases in the first two quarters.
Analysts have reported that hackers pay attention to data that constitutes a trade secret and contains information about various developments and know-how. Experts also emphasize that the number of hacked data is almost 50% higher than the number of leaks during the same period last year. To be precise, they call the figure 45.9%. “At the same time, the volume of stolen information increased more than 16 times, amounting to 187.6 million records,” the article says.
As for commercial information, last year it accounted for 5.4%, and in 2022 – 13.7%. Sources of information about innovations show a similar growth.
The mass media write that in February-March, russian companies were actively attacked by hackers: there were 4.5 times more attacks than in the same months of 2021. Many enterprises had to eliminate the consequences of leaks, spending 100 million rubles. This amount is 20% more than what was spent in 2021.
Analysts predict an increase in attacks in the second half of the year, as cyber threats to russian business continue to grow due to the “difficult geopolitical situation” – that’s how russian media call the war unleashed by russia against Ukraine.
Large russian companies intend to increase cyber security budgets by 15-20%. 3
Hackers Have Hacked and “Printed” $1.2 Billion Worth of Cryptocurrency
Using an exploit – a malicious piece of code that exploits the project’s software vulnerabilities – the attackers released more than 1.2 billion tokens. After discovering this, the developers prevented the transfer of the stolen AUSD by locking them in the hackers’ account.
Stablecoins are cryptocurrencies with a stable exchange rate, usually tied to one or another fiat currency (their issuer is the state), such as the dollar or the euro. But after the hack, AUSD lost its peg to $1 and as of August 16 is trading at $0.01.
In Acala, it was found that the thieves took advantage of the incorrect configuration of the previously launched iBTC/aUSD liquidity pool. “The misconfiguration has been fixed, and the addresses of the wallets that received the erroneously issued stablecoins have been identified,” the team said, assuring that it continues to monitor the activity of the attackers’ wallets.
How the project now plans to restore the peg of the stablecoin to the US dollar (and whether it will do it at all) is unknown. So far, the hacker has not managed to sell the stolen tokens. 4
A Cryptocurrency Startup Concocted a Fake Hacker Attack After Stealing Its Customers’ Cryptocurrency
Brazilian cryptocurrency lending platform BlueBenx has suspended user withdrawals and laid off most of its staff following a recent hack that saw $32 million stolen from the platform. However, according to some members of the cryptocurrency community, the management of the startup took over client funds.
As it became known, the BlueBenx platform attracted more than 22,000 users, to whom representatives of the startup promised large profits. According to the depositors, they expected to receive up to 66% profit for the cryptocurrency deposit. “I think there is a high probability of fraud – this whole story about the hacker attack looks like complete nonsense, they just made it up,” one of the investors of the platform shared his point of view.
At the time of writing, it is not known whether law enforcement agencies have launched an investigation into this theft. However, if the involvement of BlueBenx managers can be proven, they risk going to prison. 5
Signal Warns 1,900 Messenger Users of Security Threat from Hackers After Breach of Twilio Gateway
Earlier this month, hackers breached the security of Twilio, a gateway that helps web platforms communicate via SMS or voice. On August 16, the encrypted messenger Signal warned 1,900 users that their accounts could potentially be accessible to those who hacked Twilio. According to the company, the attackers searched for three specific numbers during the time they had access.
Signal now reports that one of those three users learned of attackers using access to Twilio to register a new device with a number, which gave them access to read and send messages on behalf of that account.
Users’ stories, contact lists, profile information and other personal data remained safe, according to Signal’s announcement. However, if the account doesn’t use PIN authentication, attackers can try to gain control of it. 6
Senator business center, 32/2, Dukes of Ostrozhsky, Kyiv
+38 (050) 428 44 68 (Ukraine), +1 (786) 755 8398 (USA)© 2023 GLOBAL CYBER COOPERATIVE CENTER (GC3). All rights reserved