Russia’s largest bank VTB is taken offline by a massive DDoS attack

Russia’s largest financial institution VTB Bank claims it has been the victim of the worst cyberattack since its mobile app and website were shut down by a DDoS attack.

According to a VTB spokesperson, stated that the VTB’s technological infrastructure was under cyberattack from far away.

It is the biggest cyberattack in bank history.

According to the bank, its internal analysis shows that the DDoS attack was orchestrated and planned with the purpose of disrupting banking services for customers.

VTB’s online portals remain offline at the moment, however, VTB claims that all core banking services are normal.

VTB also claims that customer data is protected because it’s kept within the infrastructure’s internal perimeter, which attackers cannot penetrate.

According to the bank, most DDoS attacks originate outside of the country. There are however, several Russian IP addresses that were involved in this attack.

Foreign actors may use local proxies to carry out attacks, or they might have recruited local dissidents for their DDoS campaign.

The Russian police authorities have been notified about the IP addresses to conduct criminal investigations.

VTB is 61% owned by the state, and the Ministry of Finance as well as the Ministry of Economic Development have shares in it. These attacks are therefore a direct blow to Russia’s government.

Attack by the ‘IT Army of Ukraine’

IT Army of Ukraine (pro-Ukraine hacktivist) claimed the DDoS attacks on VTB. They announced the attack via Telegram in November.

This hacktivist group was created with official approval by the Ukrainian government . It aims to improve the cyber security of Ukraine.

The ‘IT Army of Ukraine’ has caused significant service disruptions, including an outage of the portal that use and the closing of the a prominent Russian defense and aerospace conglomerate.

Pro-Ukraine hackers were very active in November. They targeted over 900 Russian organizations, including drone stores, the Central Bank of Russia and the National Center for the Development of Artificial Intelligence.

VTB was disrupted for the first time on December 1, 2022 when hackers posted comments about VTB customers via social media. The bank attempted to downplay the complaints.

VTB was forced to admit publicly that it is facing a DDoS attack due to the bank’s disruption of service.