Russian state-owned Sberbank hit by 1 million RPS DDoS attack

Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service attack in recent history. Sberbank is a majority state-owned banking and financial services company and the largest institute in Russia, holding about a third of all assets in the country. Following Russia's invasion of Ukraine, the bank faced international blockades and sanctions and was the target of west-aligned hacktivists multiple times. Russian outlet Interfax reports that the attack reached one million requests per second, which the organization said was roughly four times the size of the most powerful DDoS Sberbank had experienced up until then. "We noticed that these are some new hackers. Their fingerprint is not known to us. That is, some new, very qualified criminals appeared on the market who began to systematically attack the largest Russian resources," stated the head of Sberbank. While one million RPS is clearly significant, it does not compare to record-breaking DDoS attacks that use the new 'HTTP/2 Rapid Reset' technique to generate an impact a hundred times bigger than what Sbersbank experienced. In late August, Amazon detected a DDoS attack that peaked at 155 million RPS. Cloudflare mitigated a 201 million RPS one, while Google dealt with a DDoS attack that peaked at 398 million requests per second. In May 2022, Sberbank announced it was targeted by unprecedented hacker attacks, including massive DDoS waves aimed at its online customer services. The bank said it managed to repel a DDoS attack that measured at 450GB/sec, which was generated by a botnet of 27,000 compromised devices. A more recent blow sufferend by Russia's financial system concerns the National Payment Card System, the Mir card operator, whose website became unavailable on October 30, 2023, and was later defaced to post messages about a client-impacting data breach. NSPK told the press that the attackers couldn't have stolen any sensitive customer data as the website does not store such information and assured them that the cyberattack hadn't impacted the payments system. TheRecord later reported that hacktivists from the 'DumpForums' group and the Ukrainian Cyber Alliance had taken responsibility for the attack, also claiming to have stolen 31 GB of data. Cloudflare sees surge in hyper-volumetric HTTP DDoS attacks. New 'HTTP/2 Rapid Reset' zero-day attack breaks DDoS records. US sanctions Russian who laundered money for Ryuk ransomware affiliate. FSB arrests Russian hackers working for Ukrainian cyber forces. Mozi malware botnet goes dark after mysterious use of kill-switch.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to Russian state-owned Sberbank hit by 1 million RPS DDoS attack

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
10 months ago Esecurityplanet.com
Russian state-owned Sberbank hit by 1 million RPS DDoS attack - Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service attack in recent history. Sberbank is a majority state-owned banking and financial services company and the ...
11 months ago Bleepingcomputer.com
Understanding the Escalating Threat of Web DDoS Tsunami Attacks - Whether it's hacktivists conducting cyberwarfare or ransom-seeking criminals targeting vulnerable firms in financial services, retail, energy, or transportation, a new breed of destructive distributed denial of service attack - the Web DDoS Tsunami - ...
10 months ago Cyberdefensemagazine.com
The Rise of DDoS Attacks in Q3, 2023: Are You Prepared? - The Indusface AppSec Q3, 2023 Report reveals a staggering 67% surge in DDoS attacks compared to the previous quarter, highlighting a concerning trend with profound impacts on various industries. Over 41% of websites have shown signs of DDoS attacks ...
10 months ago Cybersecuritynews.com
Why every company needs a DDoS response plan - Today's DDoS attacks are not what they were even a few years ago, and we continue to see DDoS attacks that are framed as the largest in history. As a result, large organizations need adaptive, multilayered defense capabilities that can respond just ...
4 months ago Helpnetsecurity.com
The State of DDoS Attacks: Evolving Tactics and Targets Businesses Must Be Aware Of - Now, these attacks are becoming more dangerous, targeted, and detrimental as they evolve. As DDoS attacks become more sophisticated, adversaries are able to hone in on the most vulnerable targets, ranging from small- and medium-sized businesses to ...
10 months ago Cyberdefensemagazine.com
How to Prepare for DDoS Attacks During Peak Business Times - One common tactic that many security practitioners have witnessed is carrying out distributed denial-of-service attacks during peak business times, when companies are more likely to be short-staffed and caught unawares. While DDoS attacks are a ...
10 months ago Darkreading.com
Open-source Blender project battling DDoS attacks since Saturday - Blender has confirmed that recent site outages have been caused by ongoing DDoS attacks that started on Saturday. Blender is a popular 3D design suite for creating animated films, video games, motion graphics, visual effects, soft body and particle ...
11 months ago Bleepingcomputer.com
In Cybersecurity and Fashion, What's Old Is New Again - While distributed denial-of-service attacks and zero-day threats are nothing new in cybersecurity, they're still happening regularly for a simple reason: They work. In early November 2023, OpenAI blamed a DDoS attack for intermittent ChatGPT issues, ...
10 months ago Darkreading.com
Security Series: Protecting the Edge Against DDoS Attacks with a Simplified Integrated Solution - An unprecedented increase in distributed-denial-of-service attacks in recent years has resulted in lost revenue and productivity, increased ransomware costs, and impacted service-level agreements for network operators. According to Zayo Group's ...
10 months ago Feedpress.me
Essential DDoS statistics for understanding attack impact - The impact of DDoS attacks extends far beyond mere inconvenience, as they can result in financial losses, compromised data, and erosion of customer trust. Understanding the nature and consequences of DDoS activity is essential for organizations and ...
10 months ago Helpnetsecurity.com
VPN to protect against DDoS attacks on Twitch - Swarming or DDoS attacks pose a threat to streamers. Your data goes through a secure server, making it harder for attackers to target your actual IP address. A distributed denial-of-service attack globally harasses and attacks legitimate users and ...
10 months ago Itsecurityguru.org
Pro-Russian DDoS Attacks Alarm Denmark and US - Distributed denial-of-service (DDoS) attacks by pro-Russian hacking groups have caused alarm in the US and Denmark after several incidents affected websites of hospitals and government offices in both countries. On Tuesday, Denmark announced that it ...
1 year ago Therecord.media
DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia - Qurium, the Swedish media foundation and human rights watchdog leading the investigation into these DDoS attacks implicates FineProxy and RayoByte in facilitating the attacks. On November 30, 2023, Rappler, the leading digital media company in the ...
10 months ago Hackread.com
How to Prevent DNS Attacks: DNS Security Best Practices - To protect against attack, best practices must be applied to protect the DNS protocol, the server on which the DNS protocol runs, and all access to the DNS processes. Implementing these best practices will not only protect DNS but also network ...
10 months ago Esecurityplanet.com
FSB arrests Russian hackers working for Ukrainian cyber forces - The Russian Federal Security Service arrested two individuals believed to have helped Ukrainian forces carry out cyberattacks to disrupt Russian critical infrastructure targets. Both suspects were taken into custody one same day in two different ...
11 months ago Bleepingcomputer.com
Recent DDoS-as-a-Service Platform Passion Used in Attacks on Hospitals - A new DDoS-as-a-Service platform called Passion was recently used by pro-Russian hacktivists to launch attacks against medical institutions in the United States and Europe. A DDoS attack is when malicious actors send a large number of requests and ...
1 year ago Bleepingcomputer.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
1 year ago Securityweek.com
Hackers are Launching DDoS Attacks During Peak Business Hours - Many security practitioners have seen distributed denial-of-service attacks carried out during peak business hours, when firms are more likely to be understaffed and caught off guard. DDoS attacks are a year-round threat, but we've seen an increase ...
10 months ago Cysecurity.news
Leader of Killnet 'unmasked' by Russian state media The Register - Infosec in Brief Cybercriminals working out of Russia go to great lengths to conceal their real identities, and you won't ever find the state trying to unmask them either - as long as they keep supplying the attacks on Axis nations. It's the reason ...
11 months ago Theregister.com
Cybersecurity and Infrastructure Security Agency Reports Minimal Impact of Killnet Distributed Denial of Service Attacks on American Hospitals - The Cybersecurity and Infrastructure Security Agency (CISA) reported that it had assisted numerous hospitals in responding to a series of distributed denial-of-service (DDoS) attacks last week, which were launched by a pro-Kremlin hacking group known ...
1 year ago Therecord.media
Recently patched CUPS flaw can be used to amplify DDoS attacks - As Akamai security researchers found, a CVE-2024-47176 security flaw in the cups-browsed daemon that can be chained with three other bugs to gain remote code execution on Unix-like systems via a single UDP packet can also be leveraged to ...
4 weeks ago Bleepingcomputer.com
Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
10 months ago Bleepingcomputer.com
Mitigate HTTP/2 Rapid Reset Threats with Imperva WAF - In the modern application landscape, where businesses are constantly under the threat of cyber attacks, one of the most recent to emerge is HTTP/2 Rapid Reset, a type of Distributed Denial-of-Service attack. This attack is larger than any previously ...
10 months ago Imperva.com
Ukraine says it hacked Russian aviation agency, leaks data - Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector. Rosaviatsia is the agency responsible for ...
11 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)