Central Bank of Russia was hacked; confidential data leaked

As part of cyberattacks in protest against the military invasion of Ukraine, the hacktivist group Anonymous claims to have compromised the systems of the Central Bank of Russia, resulting in the leak of 28 GB of sensitive data now available for download. The group announced this attack through the Twitter account @Thblckrbbtworld.

The leak was confirmed by the non-profit organization Distributed Denial of Secrets (DDoSecrets), which ensures that the compromised information will be stored and archived on its official platforms.

Although the researchers who have analyzed the leak assure that it is impossible to verify folder by folder, the analysis of some samples of this file seem to confirm the legitimacy of this data, with financial records dating back to 1999. The leak includes invoices, internal communication documents, account statements, names of shareholders of various banks, banking licenses, names and addresses of high-profile customers, and other records.

The Central Bank of Russia operates like any of its counterparts in other regions, being responsible for monetary policy and the proper functioning of the payment system in the Russian Federation. This institution is also responsible for protecting the stability of the ruble, so any threat to its integrity could prove disastrous in economic terms.

On Anonymous, specialists mention that the hacktivist group has been on the side of Ukraine since the beginning of the invasion, deploying some attacks against Russian IT infrastructure, affecting some operations in the public and private sectors. In one of its most eye-catching attacks, the group managed to hack Roskomnadzor, Russia’s Federal Service for the Supervision of Communications, Information Technology and Media. This attack resulted in the leak of more than 300,000 sensitive files, now available through DDoSecrets.

In other separate attacks, hackers managed to compromise the computer systems of TV channels, streaming services, government agencies, CCTV systems and enterprise networks, disrupting critical operations and exposing sensitive information.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.