Ukrainian hacktivists, a part of the Ukrainian Cyber Alliance group, introduced on Tuesday that they had breached Russian web service supplier Nodex’s community and wiped hacked methods after stealing delicate paperwork.
“The Russian web supplier Nodex in St. Petersburg was fully looted and wiped. Knowledge exfiltrated, whereas the empty tools with out backups was left to them,” the Ukrainian hacktivists introduced yesterday on Telegram.
The hackers additionally shared screenshots of the Russian ISP’s VMware, Veeam backup, and Hewlett Packard Enterprise digital infrastructure they hacked throughout the breach.
On Tuesday, Nodex confirmed the Ukrainian Cyber Alliance’s claims by telling prospects in a VKontakte put up that its “community is destroyed” following what it described as a deliberate assault doubtless originating from Ukraine.
“Pricey subscribers! Final evening, an assault was carried out on our infra (presumably from Ukraine). The community has been destroyed. We’re restoring it from backups,” Nodex mentioned. “There are not any timelines or forecasts in the mean time. Our precedence is to first restore telephony and the decision heart.”
Web monitoring group NetBlocks additionally noticed fixed-line and cellular companies connectivity collapsing on Nodex’s community web operator yesterday at midnight, following the ISP’s affirmation it was coping with a cyberattack.
The File first reported the assault, saying Nodex’s web site was nonetheless down and the Russian Web supplier was nonetheless engaged on restoring methods. Nonetheless, the corporate couldn’t present a timeline for when methods would return on-line.
Since then, Nodex has issued extra updates on the restoration course of, telling subscribers that “the community core has been restored” and that its engineers are nonetheless engaged on resetting switches.
Three hours later, the Russian ISP mentioned {that a} DHCP server had been introduced on-line and that Web connectivity ought to now be accessible for a lot of prospects.
“Many individuals ought to be capable of use the Web. Please reboot your routers,” Nodex mentioned in one other replace on the Russian VKontakte social media community.
The Ukrainian Cyber Alliance has been energetic since 2016, when a number of hackers and hacker teams (e.g., FalconsFlame, Trinity, RUH8, and CyberHunta) banded collectively to defend their nation from Russian aggression in our on-line world and registered as a non-governmental group.
Since then, UCA cyber activists have claimed many breaches impacting numerous Russian organizations, together with the Russian Ministry of Protection, Commonwealth of Unbiased States Institute (financed by the Russian state firm Gazprom), the Donetsk Individuals’s Republic’s Ministry of Coal and Power, Vladimir Putin’s political adviser Vladislav Surkov, and a number of Russian army officers and media retailers, amongst others.
In October 2023, the Ukrainian hacktivists additionally hacked the Trigona ransomware gang’s servers and wiped them clear after exfiltrating all knowledge, together with supply code, database information, and cryptocurrency scorching wallets.