Posted on April 12, 2023 at 9:29 AM

KillNet hacking group claims to be behind multiple DDoS attacks against NATO

KillNet, a Russian hacktivist group, has said it is responsible for multiple Distributed Denial of Service (DDoS) attacks targeting NATO cyber infrastructure. The hacking group has also said that hackers breached its security systems and stole data.

KillNet targets NATO in DDoS exploits

The KillNet hacking group claims it conducted multiple cybersecurity attacks that affected 40% of the electronic infrastructure that NATO owns. The group has been joining other Russian hacking organizations launching hacking attacks against Western organizations and allies over the Russia-Ukraine war.

The KillNet hacking group claimed responsibility for this attack through its Telegram channel. The group shared a list of the targets and the NATO email addresses they obtained alongside plain-text passwords in the message. The hacking group said that these user details were stolen from NATO School, popularly known as the NATO School Oberammergau (NSO).

Besides sharing information that was leaked because of the attack, the KillNet hacking group also posted a screenshot that demonstrated it used the stolen login credentials to register 150 email addresses on a gay dating platform that is based in Kyiv and Moldova. This showed a likelihood of there being a motive of embarrassment or the possibility of blackmail.

The tactics that the KillNet hacking group has used are sophisticated. However, these attacks should not come as a surprise because Russia and Ukraine have been using social engineering skills to secure an advantage over each other.

Russian hacktivist groups are not the only ones that have upped their game during the ongoing conflict. Last week, a report by Hackread.com said that Ukrainian hacktivist groups lured Russian military spouses to partake in a “patriotic photoshoot.” During this operation, the Ukrainian hackers successfully stole the Russian military’s personal and military-related details.

These activities show that the two sides are actively engaged in cyber warfare. Hacktivist groups such as KillNet and their Ukrainian counterparts are turning towards cybercriminal activities to gain dominance against each other. Hacking attacks are used to obtain sensitive information against adversaries while disrupting their operations.

KillNet shared a message on Telegram detailing this breach against NATO. The translated message from the hacking group said that 40% of the electronic infrastructure owned by NATO was paralyzed because of the hacking activities by KillNet.

The group said it gained access to multiple areas of the organization, such as sites in defense orders, provision and support of the alliance, and multiple sites. The hackers said that NATO would not function normally without these sites.

“Resources are being put under DDoS attacks right now, it is impossible to log in to accounts. The sites of the command for the development of combat operations, the NATO agency for support, support, and procurement, and training cyber centers were distributed. And the NCI agency was hacked for sweet, from where they stole all the personal data of employees,” the translated message said.

The message further said that in the near future, NATO’s operations might not run smoothly as the institution struggles to return the data the hackers stole. NATO acknowledged a DDoS campaign against it some time back, and the exploit affected its website.

KillNet hacking group’s activities

The KillNet hacking group became popular amid the ongoing war between Russia and Ukraine. The group has positioned itself as a counter-attack institution against Western countries supporting Ukraine in the ongoing war.

Since the hacktivist group started conducting hacking attacks, it has targeted private businesses and government websites offering critical services globally. Some government sites targeted in these attacks include Lithuania and the United Kingdom.

It is not the first time that the KillNet hacking group has claimed data theft from high-profile targets. In December 2021, the hacking group said it was responsible for data theft from FBI agents. In August 2022, it also claimed to steal data from employees in Lockheed Martin, a top defense contractor.

The hacking campaigns conducted by the KillNet hacking group show the increased threat of hacktivist groups and the cyber war that is happening globally. NATO and other global bodies have been prioritizing cybersecurity and taking proactive measures to protect sensitive data from these types of exploits.

The growing threat of cyber attacks has posed a major challenge to individuals, businesses, and governments. These attacks show there is a growing need to have robust cybersecurity measures in place to combat these attacks.