Posted on June 7, 2022 at 1:11 PM

Threat Actors Hack The Website Of Russia’s Ministry, Demand Ransom

Threat actors have reportedly hacked the website of the Ministry of Construction, Housing, and Utilities of the Russian Federation. After successfully infiltrating the website, the hacker changed the title to the Ukrainian greeting “Slava Ukraine.” But the website seems to have been back online.  The threat actor also placed a ransom note on the website, requesting a payment in Bitcoin to prevent publishing the stolen data.

The Hackers Are Demanding Ransom

The website currently appears to have been restored. A representative of the ministry stated that the personal data of all website users were not affected by the breach.

The hackers are requesting a ransom of $16,000 with a deadline of Tuesday, according to reports from a local news agency. Based on the ransom noted, the hack was likely carried out by the DumpForums.com team.

The DumpForums was reviewed by Information Security Media Group, which shows a post by the likely administrator who seemed to have joined the forum on May 29, 2022.

“Today, one of the participants in our forum hacked and defaced the state website of the Ministry of Construction,” the post reads.

Also, the post seems to contain a screenshot of the alleged ransom note posted on the compromised website. According to local news agency RBC, visitors to the website were shown the ransom note on Sunday evening shortly after the website was defaced.

The message noted that users’ data on the website, including citizens and employees, were stolen. The website was not accessible to the public for a few hours on Sunday.

“The personal data of our site are protected and regularly monitored, there is no threat to them, they are safe,” the ministry reported.

Russia Has Suffered Serious Cyberattacks

Since the invasion of Ukraine by Russia, a record number of attacks have been launched against Russia, with the country’s security team getting overwhelmed in some attacks. The security team has reported unprecedented attacks on Russia’s networks

In March, the International hacking group Anonymous took responsibility for an attack on the German subsidiary of the Russian energy company Rosneft. The hacking collective revealed that 20TB of data was stolen from the company’s server. Although the attack didn’t impact Rosneft’s operations, the company’s systems and other processes were affected. The Head of threat analysis at the cybersecurity firm Darktrace reported that the Anonymous hacking group is out to show solidarity with Ukraine and use its activities to force Russia to back down.

Last month, threat actors reportedly infiltrated the infrastructure of Russia’s Federal Air Transport Agency and cleaned out its files and database. The files consisted of 65TB of data, which include emails from servers, aircraft registration data, files, and other documents.

These hacking activities are proof that there is an increased number of cyberattacked on private and public entities in Russia. It also shows that Russia is no longer revered when it comes to cyber-attacks. Before Russia invaded Ukraine, many hackers like to avoid Russia because of fears of reparatory attacks and the likelihood of being caught. However, after the invasion, several threat groups have rendered their hacking expertise in favor of Ukraine. Most of the attacks launched against.

Russia Plays Down The Impact of The Attacks 

Russian organizations are mainly in solidarity with Ukraine. While Russia’s threat actors are still attacking organizations in rival countries, the level of attacks the country is receiving is getting overwhelming.

However, the Russian government is still playing down the impacts of the attack on organizations. Last month, Russian Deputy Foreign Minister Oleg Syromolotovsaid organizations in the country are secure and protected from Ukraine’s cyberattacks.

He added that the government has established an information security system on its own throughout the years of anti-Russian sanctions. Russia has rolled out and used its security software for any major attacks and more of the systems are secure.

Hacking attacks in May kept video hosting site RuTube offline for three days, altering television menus in Moscow on Victory Day, the 77th anniversary of the Soviet Union’s victory over Nazi

Germany, Since the invasion of Ukraine, both Russia and Ukraine have also engaged in cyber battle, with each country trying to outdo the other. Ukraine reported that the broadcast of the Wales/Ukraine match on OLL TV was interrupted due to a temporary hacking incident. But Russia is probably suffering more when it comes to cyber-warfare, as Ukraine is drawing support from several hacktivists all over the world.