Righi says it produces slick promotional videos and sells its own merchandise. “They began to gain a lot of popularity from the public in Russia,” Righi says. Its Telegram channel, where it makes political statements and talks about targets, was created at the end of February and has grown in popularity, with the number of members doubling since May. The vast majority of Killnet’s efforts and those of its “legion” group-members of the public who are asked to join and launch attacks-have been DDoS attacks, Righi says, but he has also seen the group linked to some website defacements, and the group itself has made unverified claims that it has stolen data. “They were advertising this app or this website, where you could hire a botnet and then use it to launch DDoS attacks.” But when Russia invaded Ukraine at the end of February, the group pivoted. Killnet started as a DDoS tool and was first spotted in January this year, Righi says. “They're not working together with Russia but in support of Russia.” “They definitely have malicious intent when they conduct these attacks,” says Ivan Righi, a senior cyberthreat intelligence analyst at security firm Digital Shadows who has studied Killnet. While security experts have frequently warned that attacks from Russia could target Western countries, the efforts of volunteer hacktivist groups can have an impact without being officially backed or conducted by the state. Meanwhile XakNet, another pro-Russian hacktivist group, has claimed to have targeted Ukraine’s biggest private energy company and the Ukrainian government. The targeting often happens after a country offers support for Ukraine. The group has declared “war” on 10 nations. Attacks against websites in Germany, Italy, Romania, Norway, Lithuania, and the United States have all been linked to Killnet. In recent months Killnet has targeted a growing list of countries that have supported Ukraine but are not directly involved in the war. The attacks are just the latest wave of pro-Russian “hacktivist” activity since the start of Vladimir Putin’s war in February. Sakrdinskas says the attacks, which were linked to Killnet, have mostly dropped off since the start of July, and the government has opened a criminal investigation. In total more than 130 websites in both the public and private sectors were “hindered” or made inaccessible, according to Lithuania’s government. The attacks, Sakrdinskas explains, were continuous and spread across all areas of daily life in Lithuania. The group then called on hacktivists-naming a number of other pro-Russian hacking groups-to attack Lithuanian websites. Pro-Russian hacker group Killnet posted “Lithuania are you crazy? 🤔” on its Telegram channel to 88,000 followers. But this was different.ĭays before the attacks started, Lithuania blocked coal and metal from being moved through its country to the Russian territory of Kaliningrad, further bolstering its support for Ukraine in its conflict with Russia. “Usually the DDoS attacks are concentrated on one or two targets and generate huge traffic,” says Jonas Sakrdinskas, acting director of Lithuania’s national cybersecurity center. For the next 10 days, websites belonging to the government and businesses were bombarded by DDoS attacks, overloading them with traffic and forcing them offline. The attacks against Lithuania started on June 20.
0 kommentar(er)
