Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Security Operations
Pro-Moscow Nuisance Hackers Claim DDoS Attack on FBI Website
KillNet Asserts It Temporarily Made FBI Websites UnavailableA pro-Russian hacking group claimed responsibility Monday for a denial-of-service attack against FBI websites, marking the latest in a series of nuisance attacks launched against a seemingly capricious and global set of targets.
See Also: OnDemand | Where Did the Hackers Go? They Ran(somware): Insights into Ransomware Recovery
The group, KillNet, is widely classified as a low-threat-level collective of Russian online criminals who turned to hacktivism as a counterweight to Ukraine's marshalling of pro-Kyiv hacktivists. In a message posted to its Telegram channel, KillNet shared a post containing links purporting to show the FBI's Law Enforcement Enterprise Portal as unavailable. Data breach notifications firm BetterCyber tweeted that the website was inaccessible as of mid-Monday.
The Telegram post - a cross-post from another group dubbed Radis, which references "KillNet Team" in its bio - also contains links showing connection errors to an FBI job site and portal for law enforcement resources.
All sites are current accessible.
The FBI's LEEP platform provides web-based investigative tools and analytical resources to U.S. law enforcement agencies and intelligence groups. The FBI did not immediately respond to a request for comment.
The agency earlier this month said it was aware of "pro-Russian hacktivist groups employing DDoS attacks to target critical infrastructure companies with limited success."
KillNet is among a handful of Russian cybercrime groups that openly pledged allegiance to Moscow. The group, whose name comes from a tool that could be used to launch DDoS attacks, transformed into Kremlin-aligned hacktivists.
Since the beginning of the Russian invasion of Ukraine, KillNet have been actively recruiting volunteers, often organizing them into different squads with names such as "Kratos," "Rayd" and "Zarya," to conduct DDoS attacks against Western nations, according to threat monitoring firm Digital Shadows.
Last month, the group targeted websites of several major U.S. airports and temporarily disabled websites of American state governments (see: US Airport Websites Targeted by Russian KillNet Group). The group earlier attempted to stop online voting for the Eurovision Song Contest, held this year in the Italian city of Turin (see: Italian Police Repel Online Attempt to Disrupt Eurovision).