A Ukrainian hacker group, believed to be connected to Ukraine’s intelligence took and carried out a destructive attack on the servers of a Moscow-based internet provider to take revenge for Kyivstar cyberattack.
The group, known as Blackjack, successfully hacked into the systems of M9com, causing extensive damage by deleting terabytes of data.
As a result, numerous residents in Moscow experienced disruptions in their internet and television services. Additionally, the Blackjack hacker group has issued a warning of a potentially larger attack in the near future.
What Happened in the M9com Cyber Attack
Based on the information provided by Ukrinform, the cyber attack on M9com deleted approximately 20 terabytes of data.
The attack targeted various critical services of the company, including its official website, mail server, and cyber protection services.
Furthermore, the hackers managed to access and download over 10 gigabytes of data from M9com’s mail server and client databases. To make matters worse, they made this stolen information publicly accessible via the Tor browser.
Hackers Call it a Serious Revenge for Kyivstar Cyber Attack
The hackers behind the attack referred to it as a “warm-up attack” in anticipation of a larger cyber assault. They specifically mentioned that this upcoming attack would serve as “serious revenge for Kyivstar.”
This reference pertains to the recent hacking incident by Russian actors targeting Ukraine’s largest telecommunications company in December. During that incident, millions of people in Ukraine were left without internet access for several days.
According to an anonymous source from a law enforcement agency, it is believed that the hacker group responsible for the M9com attack is likely affiliated with the Security Service of Ukraine (SBU).
“Hackers from the Blackjack group, who are likely related to the SBU, hacked the Moscow-based internet service provider M9com and destroyed its servers,”
Said the source.
The Attack on M9com was a DDoS Attack
Based on the nature of the attack on M9com, it appears that when the hackers hit Moscow, they were able to gain access to the back-end operations of the company. This allowed them to effectively delete data from the servers, similar to what occurred in the Kyivstar incident.
It is worth noting that this type of attack, which involves directly targeting and compromising the servers, is less common compared to the more frequently observed distributed denial-of-service (DDoS) attacks. DDoS attacks overwhelm a system by inundating it with automated requests, causing the service to become inaccessible.
In an interview with Reuters, Ilya Vityuk, the Head of the Cyber Security Department at SBU, stated that Russian hackers had infiltrated Kyivstar’s system as early as May 2023. However, this claim was denied by Irina Lelichenko, a spokesperson for Kyivstar.
Vityuk further revealed that Russia has been responsible for nearly 9,000 cyber attacks on Ukraine’s state resources and critical infrastructure since the start of the full-scale invasion. These attacks have posed a significant threat to Ukraine’s security and stability.
