"This is not a DDoS attack, the games are over," a mysterious figure warned in a video that was posted online, referring to a denial of service type of attack.
"No money, no weapons, no Kiev regime -- this is the formula for the death of Nazism and it will work," the figure said. "Within 48 hours we are launching this global company, nothing will save you and this is not a warning. I am just informing. You have never seen such problems before."
Pro-Russian hacktivist group KillNet, Anonymous Sudan, and REvil announced their plans to take down the entire European banking system within the next 48 hours.
"This is not a DDoS attack, the games are over. No money, no weapons, no Kiev regime -- this is the formula for the… pic.twitter.com/to5RhxDif6
— Ian Miles Cheong (@stillgray) June 14, 2023
The groups named in the video are KillNet, Anonymous Sudan, and REvil.
Not long afterward, CNN reported:
“Several” US federal government agencies have been hit in a global cyberattack that exploits a vulnerability in widely used software.
The US Cybersecurity and Infrastructure Security Agency “is providing support to several federal agencies that have experienced intrusions affecting their MOVEit applications,” Eric Goldstein, the agency’s executive assistant director for cybersecurity, said in a statement on Thursday to CNN, referring to the software impacted. “We are working urgently to understand impacts and ensure timely remediation.”
It was not immediately clear if the hackers responsible for breaching the federal agencies were a Russian-speaking ransomware group that has claimed credit for numerous other victims in the hacking campaign.
A CISA spokesperson had no comment when CNN asked who carried out the hack of federal agencies and how many have been affected.
During an interview with MSNBC on Thursday, CISA Director Jen Easterly expressed her confidence in the government's defensive improvements, stating that she believes there will not be "significant impacts" to federal agencies as a result of the hacks.
"But the news adds to a growing tally of victims of a sprawling hacking campaign that began two weeks ago and has hit major US universities and state governments. The hacking spree mounts pressure on federal officials who have pledged to put a dent in the scourge of ransomware attacks that have hobbled schools, hospitals and local governments across the U.S.," CNN noted further.
"A Russian-speaking hacking group known as CLOP last week claimed credit for some of the hacks, which have also affected employees of the BBC, British Airways, oil giant Shell, and state governments in Minnesota and Illinois, among others," the outlet's report noted further.
While the Russian hackers were the initial group to exploit the vulnerability, experts warn that other malicious actors might have gained access to the required software code, potentially enabling them to carry out similar attacks.
The ransomware group had set a deadline for victims to reach out regarding ransom payments, and once that deadline passed, they started publicly listing additional victims from the hack on their dark web extortion site. As of Thursday morning, no US federal agencies were listed on the dark web.
Rather, the hackers noted in all caps: “If you are a government, city, or police service, do not worry, we erased all your data. You do not need to contact us. We have no interest to expose such information.”
“The activity we’re seeing at the moment, adding company names to their leak site, is a tactic to scare victims, both listed and unlisted, into paying,” said Rafe Pilling, director of threat research at Dell-owned Secureworks, in an interview with CNN.
Sources include:
Please contact us for more information.
