DecryptedTech

Wednesday18 May 2022

Ukrainian Hacktivists Hit Russia Where It Hurts, Alcohol.


Reading time is around minutes.

Its seems that the efforts of Ukrainian hacktivists have decided to focus their efforts on a new and interesting target. In addition to other strategic targets, they have gone after one of the central portals for Russian alcohol distribution. The attack is currently manifested in the form of a distributed denial of service attack(s) targeting the portal to render it inaccessible. This means that distillers and distributors of alcoholic beverages are not able to get their products into consumers hands.

The effect has had a significant effect on the market that is on the verge of being an actual shortage. The portal is the EGAUS portal and is currently still offline while the attacks continue. Researchers note that the URLs and IPs used by the portal are up on the Ukraine’s IT Army Telegram channel. This fact does not mean that they are behind the attack, but it would seem to indicate that they view it as a good target for disruption.

This type of attack is particularly effective against Russia as many of their industries are highly centralized (perhaps a leftover from the old Soviet Union). By hitting the central controls and service portals or systems with DDoS attacks the Ukrainian Hacktivist groups (that do include people around the world) can create massive supply issues at multiple levels of the Russian economy.

The Ukraine IT Army has also been linked to other types of attack including what appear to be ransomware attacks. Again, using centralized and state-controlled systems to get into the organization in the first place. We have also head reports that some groups are use leaked Conti source code as part of their efforts.

The attacks are all part of a non-organized “group” of people that are using their skills in support of Ukraine during the Russian invasion. The group and their activities while laudable in their efforts and goal are still illegal. It is highly unlikely that any action would be taken against them other than in Russia at this stage of the game and given the targets involved.

Russia also has a group of hacktivists on their side, but there is little confirmed news related to their efforts. We have a feeling that anyone associated with that group is keeping things quiet. After Conti came out in support of Russia the response was leaking of source code and internal chat logs that have given researchers great insight into their operations. Other groups that might be sympathetic to Russia are unlikely to want to go through something like that.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.