Russian hackers started a vigilante cyber militia to take down Ukraine’s websites and steal data

February 25, 2022, 10:26 PM UTC

On Wednesday afternoon, many Ukrainian bank and government websites mysteriously went offline.

While many blamed the cyber attack on Putin’s army, it was actually a group of civilian vigilantes who have taken it upon themselves to add to the chaos in Ukraine.

One of these men shared his story with the BBC and disclosed that he had a day job working for a Russian cybersecurity company. 

After watching the invasion unfold, he decided to assemble a team of six hackers. Their tactics include taking down Ukrainian government websites, sending bomb threat emails, and pretending to be Ukrainian government officials by setting up email accounts with government email services.

The team is releasing stolen information to cause distress in the community, and says they have the power to launch a ransomware attack in the community. 

Cyber attacks in Ukraine: A recent history

  • In 2015 and 2016, Ukraine’s power grid was attacked, and it is suspected that it remains vulnerable.
  • In 2017, NotPeya, a malware, was released on the country’s financial sector and wiped data from the computers of senior government officials, banks, energy firms, and an airport.
  • In 2020, Russian intelligence officers were charged by the US for being allegedly involved in the development of NotPeya and hacking Ukraine’s power grid.
  • This year, around 70 government websites were attacked in mid-January and made to display the message “prepare for the worst.”
  • In mid-February, the websites for two banks and the Ukrainian army were also hacked, and the Russian Main Intelligence Directorate was the main suspect.
  • On Wednesday, another attack targeted Ukrainian financial institutions and government ministries. Wipers with the power to wipe all data were discovered on some sites.
  • Today, a warning was issued by Ukraine’s cyber defense force, warning citizens to be careful of malware.

Ukraine’s Response

On Thursday morning, through a hacker underground, the government of Ukraine has been calling for volunteers to help protect cyberinfrastructure from Russian troops, according to Reuters.

The message read, “Ukrainian cybercommunity! It’s time to get involved in the cyber defense of our country.” Applications for the position could be sent through Google Docs, where applicants could list their specialties and references. 

Yegor Aushev, the co-founder of Cyber Unit Technologies, a cybersecurity company, is the author of the post and said that he wrote it at the request of a senior Defense Ministry official. According to him, volunteers would be divided into defense and offense units.

Supporting Ukraine, Anonymous, the famous hacker group, also posted to Twitter yesterday saying that they “are officially in cyber-war against the Russian government.” So far, the tweet has received 186.9k likes.

While tensions are high between Ukraine and Russia, the BBC reports that the U.K. and U.S. are also monitoring the possibility of cyber-attacks spreading into other countries.

Never miss a story: Follow your favorite topics and authors to get a personalized email with the journalism that matters most to you.