Most likely russian hackers defaced Ukrainian government websites

Hackers defaced several Ukrainian government websites: the attack occurred on the night of January 13-14 and affected the websites of the Ukrainian Foreign Ministry, the Ministry of Education and Science, the Ministry of Defense, the State Emergency Service, the website of the Cabinet of Ministers, and so on.

The Record notes that all resources have been deleted and their contents replaced with a statement published in Russian, Ukrainian and Polish.

Ukrainian! All your personal data has been sent to a public network. All data on your computer is destroyed and cannot be recovered. All information about you stab (public, fairy tale and wait for the worst. It is for you for your past, the future and the future. For Volhynia, OUN UPA, Galicia, Poland and historical areas.the hackers said in a statement.

The fact of the attack was officially confirmed by the country’s authorities by posting relevant messages on official websites, as well as on Facebook and Twitter. All affected resources have been temporarily down and some sites are still down, reporting that they are under maintenance.

Officials say they are investigating the attack and so far everything points to Russian hackers.

According to security researcher Gary Warner, the distortions appear to have been aimed at creating divisions between various ethnic groups, especially between native Ukrainians and the Polish minority.

The last sentence is meant to remind the people of the region about the ethnic cleansing of Poles in Volhynia and Galicia.Warner said.

Information security journalist Kim Zetter writes that sources in the Ukrainian government told her that a vulnerability in CMS October was used for the attack, which was used by all affected resources.

Sources tell me ~15 sites in Ukraine – all using October content management system – have been defaced, incl Min of Foreign Affairs, Cabinet of Ministers, Min of Ed, Emergency Services, Treasury, Environmental Protection. Attackers apparently used CVE-2021-32648.Kim Zetter tweeted.

Later, this information was confirmed in the Ukrainian CERT.

Let me remind you that we recently wrote that Russian-speaking hackers attacked the government infrastructure of Poland, and also that the FBI and NSA release a statement about attacks by Russian hackers.

By Vladimir Krasnogolovy

Vladimir is a technical specialist who loves giving qualified advices and tips on GridinSoft's products. He's available 24/7 to assist you in any question regarding internet security.

Leave a comment

Your email address will not be published. Required fields are marked *