Hacking collective Anonymous declares 'cyber war' against Vladimir Putin's government

Discussion in 'Politics' started by gwb-trading, Feb 25, 2022.

  2. gwb-trading

    I expect the Russians will openly revolt against Putin if they are denied alcohol...

    Ukraine’s IT Army is disrupting Russia's alcohol distribution
    https://www.bleepingcomputer.com/ne...y-is-disrupting-russias-alcohol-distribution/

    Hacktivists operating on the side of Ukraine have focused their DDoS attacks on a portal that is considered crucial for the distribution of alcoholic beverages in Russia.

    DDoS (distributed denial of service) attacks are collective efforts to overwhelm servers with large volumes of garbage traffic and bogus requests, rendering them unable to serve legitimate visitors.

    According to reports from multiple Russian media outlets, several vodka producers and distributors claim inability to access the EGAIS (ЕГАИС) portal as required by government regulations.

    [Image: EGAIS' central role in the market (shtrih-m.ru)]

    As a result, alcohol beverages transportation and distribution to retail points have suffered greatly in the past couple of days, raising the risk of actual shortages on the shelves.

    A person working in the field told Vedomosti that “Due to a large-scale failure, factories cannot accept tanks with alcohol, and customers, stores, and distributors, can not receive finished products that have already been delivered to them.”

    Yesterday, many factories decided to halt shipments to warehouses completely and subsequently cut their production rate, as they are overflowing with products that remain undelivered and can’t take any more.

    Ukraine’s IT Army lists EGAIS

    At the time of writing this, the portal of EGAIS remains out of reach, so we can only assume that the DDoS attack is still ongoing.

    Bleeping Computer has found the associated websites listed as targets on Ukraine’s IT Army Telegram channel, so there’s a good chance that they are behind these attacks.

    The posts on Telegram are meant to help coordinate DDoS activities that are launched independently from isolated actors using tools like the Liberator.

    [Image: EGAIS sites listed on IT Army channel]

    Ukraine's IT Army is a special type of a cyber-force that enlists volunteers from around the globe, uniting them under the common goal of launching retaliatory cyberattacks against key Russian entities.

    The formation of this otherwise illegal task force was announced by Ukraine’s government officials in February 2022 and has remained active on the cyber front line since then.

    Attacks on Russian supply chains

    This is not the first attack targeting Russia’s internal product supply chains, aiming to cause disruption and potentially even shortages.

    Last March, the Moscow-based meat producer and distributor Miratorg announced news of a cyberattack that encrypted its IT systems, aiming to sabotage its operations.

    The point of compromise was another state information system, VetIS, used by companies engaged in the veterinary field.
     
    #82     May 6, 2022
  6. gwb-trading

    Russian credit card data floods the market following the Russo-Ukrainian war
    https://cybernews.com/security/russ...the-market-following-the-russo-ukrainian-war/
    Sberbank, a Russian majority state-owned bank, seems to be in the eye of the storm.

    Since the outbreak of the Kremlin’s aggression in Ukraine, dark web marketplaces have seen a downpour of stolen Russian credit card data. Researchers link the sudden influx to the hacktivists’ retaliation against Russia.

    Cyber threat intelligence company Cyberint suggested that the lion’s share of the leaked credit cards are issued by Sberbank. Following the three months since the start of the Russian invasion, the company observed over 110,000 leaked Sberbank cards, representing 18% of the global incidents in this period.

    In the three months prior to Russia’s invasion, Cyberint observed around 12,300 leaked Sberbank credit cards (4% of the leaked credit card credentials).

    [Image: Sberbank amount of leaked credit cards. Source: Cyberint]

    “Sberbank of the Savings Bank of the Russian Federation accounted for about a third of all bank assets in Russia. Our team has detected multiple threat groups that have already recently compromised this bank, such as DoomSec and Ares, and breached data published on Telegram channels,” the company told Cybernews.

    Leaked credit card data includes card number, expiration date, and CVV code – everything one needs to make an online transaction. Cyberint believes that many of the cards are still valid and unrelated to earlier incidents when Sberbank customers were exposed.

    In 2019, the Kommersant newspaper reported that the personal information of up to 60 million Sberbank customers ended up on the black market. The following day, Sberbank issued an official statement to downplay the situation, claiming they were investigating an incident that could have affected 200 people.

    “Credit cards are much newer. It is the work of a group of hackers which are experts in carding and phishing,” Cyberint said.

    Carding refers to the unauthorized use of stolen credit card information. It might include buying prepaid gift cards to cover up the tracks of criminals, exploiting personal data, or money laundering. The carding market encompasses two segments: selling card data in text format (card number, expiration date, cardholder’s name, address, and CVV) and card dumps (information taken from the card’s magnetic stripe).

    “The main rise in the leaked credit cards is due to a significant specific leak of credit cards collected by an underground marketplace named @ccantipbot. This marketplace, which is operated via Telegram bot, allows hackers to buy and receive fresh stolen credit cards,” Cyberint said.

    @ccantipbot, the company said, is operated by hackers focused on skimming credit card details.

    On 22 May, an anonymous actor from Russia published a list of tens of thousands of stolen credit cards collected by the threat actor group all the way back to 2021.

    “Although the exact reason for the leak was not revealed, the Cyberint team believes it is highly possible that this is due to the Russian-Ukrainian conflict, similar to the Conti Group leak. It is possible that an individual working within the group and with access to its internal systems has published all the data the group has collected to shut them down,” the company said.

    It noted that @ccantipbot is not responding to any request to buy new credit card data, potentially due to the above leak.

    “Another option for the leak purpose is to create a major impact on the credit card issuer by supporting fraud activities against their customer or forcing the bank to shut down tens of thousands of credit cards to reduce potential fraud, causing immediate dissatisfaction,” Cyberint said.
     
    #86     May 30, 2022