Russian Sberbank says it’s facing massive waves of DDoS atattack

By Bill Toulas May 20, 2022 07:53 AM

"Russia's banking and financial services company Sberbank is being targeted in a wave of unprecedented hacker attacks. Earlier this month, the bank fought off the largest distributed denial-of-service (DDoS) attack in its history.

Sergei Lebed, vice president and director of cybersecurity at Sberbank, told the audience participating at the Positive Hack Days conference that thousands of internet users have been attacking the organization over the past months.

Sberbank is Russia's largest financial company and the third-largest in Europe, with total assets counting over $570 billion.

The entity was among the first to be sanctioned following the Russian invasion of Ukraine, and its operations on the European continent have been severely restricted as a result.

> Hackers siding with Ukraine have had Sberbank in their crosshair since the very beginning of the conflict in February. According to the bank, this activity hasn't abated.

Massive attacks waves

On May 6, 2022, Sberbank says it repelled the biggest DDoS attack it has ever seen, measured at 450GB/sec.

DDoS are resource-depletion attacks that aim to make online services unavailable to customers, leading to business disruption and financial losses.

The malicious traffic that supported the attack against Sberbank's main website was generated by a botnet with 27,000 compromised devices located in the United States, the U.K., Japan, and Taiwan.

As Lebed explained, the cybercriminals used various tactics to carry out this cyberattack, including code injections into advertising scripts, malicious Chrome extensions, and Docker containers weaponized with DDoS tools.

Lebed says they detected over 100,000 internet users attacking them in the past couple of months, while in March, they recorded 46 simultaneous DDoS attacks on different Sberbank services.

Many of these attacks exploited traffic on online streaming and movie theater sites, similar to a tactic employed by Pro-Russian threat groups against key Ukrainian websites. . .

DDoS attacks at this level are likely to continue as long as the geopolitical tensions continue to create a polarizing environment, and as Sberbank's announcement concludes, they are may go down in number but grow in power.

This is in line with what Radware reported yesterday, a 1.1 Tbps DDoS attack lasting 36 hours, signifying that threat actors are becoming far more capable even compared to last year."

Source: https://www.bleepingcomputer.com/news/security/russian-sberbank-says-it-s-facing-massive-waves-of-ddos-attacks/

Security

The Week in Ransomware - May 20th 2022 - Another one bites the dust

Ransomware attacks continue to slow down, likely due to the invasion of Ukraine, instability in the region, and subsequent worldwide sanctions against Russia.