Ukraine's biggest telecom operator Kyivstar has become the victim of a cyber attack, disrupting customer access to mobile and internet services.
"The cyberattack on Ukraine's #Kyivstar telecoms operator has impacted all regions of the country with high impact to the capital, metrics show, with knock-on impacts reported to air raid alert network and banking sector as work continues to restore connectivity," NetBlocks said in a series of posts on X (formerly Twitter).
Kyivstar, which is owned by Dutch-domiciled multinational telecommunication services company VEON, serves nearly 25 million mobile subscribers and more than 1 million home internet customers.
Beat AI-Powered Threats with Zero Trust - Webinar for Security Professionals
Traditional security measures won't cut it in today's world. It's time for Zero Trust Security. Secure your data like never before.
The company said the attack was "a result of" the war with Russia and that it has notified law enforcement and special state services. While Kyivstar is working to restore the services, the internet watchdog noted that the telco is largely offline.
That said, Kyivstar has yet to provide details about the nature of the attacks and what caused the shutdown. There is no evidence that the personal data of subscribers has been compromised in the incident.
"After stabilizing the network, all subscribers and corporate clients who as a result of a hacking attack could not use the services of the company, will definitely receive compensation," Kyivstar said in an update posted on Facebook.
 |
| Source: NetBlocks |
It's also urging users to be on the lookout for scams aiming to trick users into sharing their personal details and that "news about compensation and the timing of the network restoration will come exclusively from the company's official pages."
The pro-Russia hacktivist group KillNet claimed responsibility for the attack on Telegram, but did not offer any additional evidence to back its claims.
KillNet is coming off a few chaotic weeks of its own after the Russia-based Gazeta.ru unmasked the real-world identity of its leader — who goes by the online alias KillMilk — as Nikolai Serafimov, a 30-year-old Russian citizen.
KillMilk has since announced that he was retiring, and appointed a new leader "Deanon Club," who has claimed that "there will be a large-scale recruitment for the KillNet team, on all fronts" with the goal of striking government financial facilities, encryption firms, and the gambling sector.
The development also comes as the Defence Intelligence of Ukraine (GUR) revealed that it hacked into Russia's Federal Taxation Service (FNS) servers. Office.ed-it.ru, a Russian IT company that served as a database for the FNS, was also reportedly affected by the attack.
"During the special operation, military intelligence officers managed to infiltrate one of the well-protected key central servers of the Federal Tax Service (FTS of the Russian Federation), and then more than 2300 of its regional servers throughout Russia, as well as on the territory of the temporarily occupied Crimea," the agency said.
However, Anton Gorelkin, a Russian politician and lawmaker, said in a message on Telegram that the attack on FNS is fiction, adding it is an attempt on part of the Ukrainian government to "respond to their problems with Kyivstar."
Gloss